Thanks Chris… time to update the web servers I suppose.
Bob Patin
Longterm Solutions
bob@xxxxxxxxxxxxxxxxxxxxx
615-333-6858
FileMaker 9, 10, 11, 12 & 13 Certified Developer
http://www.longtermsolutions.com
-
iChat: bobpatin@xxxxxx
Twitter: bobpatin
—
FileMaker Consulting
FileMaker Hosting for all versions of FileMaker
PHP • Full email services • Free DNS hosting • Colocation • Consulting
On Jun 7, 2017, at 9:50 AM, Chris Moyer <cmoyer@xxxxxxxxxxxxxx> wrote:
This seems to be related to your question:
https://security.stackexchange.com/questions/96717/ssl-tls-certificate-update ;
<https://security.stackexchange.com/questions/96717/ssl-tls-certificate-update>
Quote:
A SSL/TLS server certificate asserts the identity of the server. This
certificate is independent of the SSL/TLS protocol version. The SSL/TLS
version is negotiated during the connection, before the certificate is
presented to a client. If you enable TLSv1.2 support, then clients are able
to use more secure ciphers and protect against some other attacks. You do
not need to create a new certificate when changing protocol versions.
Even if the newer protocol can work with your old certificate, you might
want to review the parameters of your certificate. In particular:
MD5 and SHA-1 signatures are considered insecure. Move to SHA-256.
1024-bit RSA keys are considered insecure. Consider moving to 2048-bit RSA
or better.
Chris
*******************************
Chris Moyer
The Moyer Group
Phone: 404-229-1127 <tel:404-229-1127>
http://www.moyergroup.com ;<http://www.moyergroup.com/>
On Jun 7, 2017, at 10:34 AM, Bob Patin <bob@xxxxxxxxx
<mailto:bob@xxxxxxxxx>> wrote:
I’ve gotten notices from Authorize.net <http://authorize.net/> about their
discontinuation of support for TLS 1.0 and 1.1; I have quite a few web apps
that I wrote and host that use Auth.net <http://auth.net/>, and I’m just not
clear on what I have to do.
From speaking with an Authorize.net <http://authorize.net/> tech, it sounds
like nothing has to change in the API that I used, but my guess is that the
web servers that host these sites MUST be running TLS 1.2. Is this correct?
If that’s true, I’m assuming I’ll have to get new SSL certificates for the
sites that are using Auth.net <http://auth.net/>; is that correct?
Thanks for any insights,
Bob Patin
Longterm Solutions
bob@xxxxxxxxxxxxxxxxxxxxx <mailto:bob@xxxxxxxxxxxxxxxxxxxxx>
615-333-6858
FileMaker 9, 10, 11, 12 & 13 Certified Developer
http://www.longtermsolutions.com ;<http://www.longtermsolutions.com/>
-
iChat: bobpatin@xxxxxx <mailto:bobpatin@xxxxxx>
Twitter: bobpatin
—
FileMaker Consulting
FileMaker Hosting for all versions of FileMaker
PHP • Full email services • Free DNS hosting • Colocation • Consulting
