Transport Layer Security is a suite of encryption protocols that enables secure communication between web services and your site visitors. They mostly cover HTTPS and secure email logins but can include any service that requires SSL to function properly.
TLS 1.0 is generally no longer considered secure and we will be terminating support for its associated encryption ciphers. We will continue to support TLS 1.1 and 1.2. The changes will have the following effects on service:
Website Functionality
If your website is not secured with an SSL certificate it will be unaffected by this change.
If your website communicates with outside APIs using TLS 1.0 you may require some modifications to your site software. Generally API access can be upgraded to TLS 1.1 and 1.2 without breaking connectivity as long as different API endpoints aren't required.
If your website is secured with an SSL certificate you and your site visitors will require a web browser with TLS 1.1 or 1.2 support. The following web browsers support TLS 1.1 or greater:
- Apple Safari - version 7 and higher
- Apple Safari Mobile - version 6 and higher
- Google Chrome - version 30 and higher
- Chrome for Android - version 30 and higher
- Firefox - version 27 and higher
- Firefox Extended Support Release - version 31 and higher
- Firefox for Mobile - version 27 and higher
- Internet Explorer - version 11
- Internet Explorer Mobile - version 11
- Microsoft Edge - all versions
- Opera - version 17 and higher
- Opera Mobile - version 17 and higher
If you're unsure of your browser's version SSL Labs Browser Agent Tester will let you know your current browser and TLS support level. If you're running a version with no support for TLS 1.1 we suggest upgrading to a compatible browser.
Additionally, your operating system may limit TLS compatibility. Microsoft Windows 7 and higher, Apple OS X 10.9 and higher, Apple iOS 5 and higher, Android 4.4 and higher all support TLS 1.1 and 1.2. Compatible software as listed above is still required for secure connectivity. Microsoft, Apple, and Google operating systems older than those listed are generally not considered secure and an update to a more modern OS is highly recommended.
Email Functionality
If you connect to your domain's webmail your browser will require TLS 1.1 or 1.2 support. The above list of browser versions will support the webmail service.
If you connect to your domain's email service with an email client your software will require TLS 1.1 or 1.2 support. Most email clients with versions released this year support the latest TLS protocols. Apple email clients began full support for TLS 1.1 and 1.2 this year.
If you are running Microsoft Windows 7 and Outlook you may require an update to your Operating System. Microsoft has a instructions on how to apply the update (KB3140245) as well as the additional "Easy Fix" listed on the same webpage to apply the relevant registry entries.
If you're still encountering issues you may require Windows 7 SCHANNEL TLS settings added or updated in your registry. In general modifying your Windows Registry is best left to IT professionals as misconfigured settings can cause sever problems with your operating system, and we offer no support for such changes, but the following links have further information on the process:
How do I enable TLS 1.2 on Windows 7?
Enabling TLS 1.1 and 1.2 in Outlook on Windows 7
Once the registry settings have been added or updated a reboot is recommended.
In general you want to be using the latest web browser and email client software in order to keep your information secure. If you run into any issues please contact support.
FTP Functionality
If you connect to your domain's FTP service your application will require TLS 1.1 or 1.2 support. The latest versions of the following clients support TLS 1.1 and 1.2 while using FTPS or FTPES protocols.
