Notice: Discontinuation of TLS 1.0
On March 26th, 2016, NeonCRM’s API will be will be removing protocol support for TLS v1.0. This upgrade may affect your ability to connect to NeonCRM’s API.
Any API integrations you have built will need to be compatible with TLS versions 1.1 or 1.2.
These changes are technical and we advise you to consult with your technology teams. We have provided a table (below) that has information on which platforms are compatible with versions of TLS.
| Platform or Library | TLS 1.1 or Higher Compatibility Notes |
|---|---|
| Java | Compatible with the most recent, stable version, regardless of operating system |
| Java 8 (1.8) and higher | Compatible by default |
| Java 7 (1.7) | Enable TLS 1.1 and TLS 1.2 using the https.protocols Java system property for HttpsURLConnection. To enable TLS 1.1 and TLS 1.2 on non-HttpsURLConnection connections, set the enabled protocols on the created SSLSocket and SSLEngine instances within the application source code. |
| Java 6 (1.6) and below | Not compatible with TLS 1.1 or higher encryption |
| .NET | Compatible with the most recent, stable version when run in an operating system that supports TLS 1.1 or TLS 1.2 |
|
.NET 4.6 and higher |
Compatible by default |
| .NET 4.5 to 4.5.2 |
|
| .NET 4.0 |
.NET 4.0 does not enable TLS 1.2 by default. To enable TLS 1.2 by default, it is possible to set the SchUseStrongCrypto DWORD value in the following two registry keys to 1, creating them if they don’t exist: “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319” and “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319”. Those registry keys, however, will enable TLS 1.2 by default in all installed .NET 4.0, 4.5, 4.5.1, and 4.5.2 applications on that system. We recommend testing this change before deploying it to your production servers. This is also available as a registry import file. These registry values, however, will not affect .NET applications that set the System.Net.ServicePointManager.SecurityProtocol value. |
| .NET 3.5 and below | Not compatible with TLS 1.1 or higher encryption |
| Python | Compatible with the most recent, stable version when run in an operating system that supports TLS 1.1 or TLS 1.2 |
|
Python 2.7.9 and higher |
Compatible by default |
|
Python 2.7.8 and below |
Not compatible with TLS 1.1 or higher encryption |
|
Ruby |
Compatible with the most recent, stable version when linked to OpenSSL 1.0.1 or higher |
|
Ruby 2.0.0 |
TLS 1.2 is enabled by default when used with OpenSSL 1.0.1 or higher. Using the :TLSv1_2 (preferred) or :TLSv1_1 symbols with an SSLContext’s ssl_version helps ensure that TLS 1.0 or earlier is disabled. |
| Ruby 1.9.3 and below |
The :TLSv1_2 symbol does not exist in 1.9.3 and below, but it is possible to patch Ruby to add that symbol and compile Ruby with OpenSSL 1.0.1 or higher. |
|
Microsoft WinINet |
Compatible with the most recent, stable version |
|
Compatible by default |
|
Compatible by default if Internet Explorer 11 is installed. If Internet Explorer 8, 9, or 10 is installed, then TLS 1.1 and TLS 1.2 will need to get enabled by the user or an administrator for compatibility. Review the Enabling TLS 1.1 and TLS 1.2 in Internet Explorer article to enable TLS 1.1 or higher encryption. |
|
Not compatible with TLS 1.1 or higher encryption |
|
Microsoft Secure Channel (Schannel) |
Compatible with the most recent, stable version |
|
Compatible by default |
|
TLS 1.1 and TLS 1.2 are disabled by default, but are available if enabled by an application. TLS 1.1 and TLS 1.2 can be enabled by default within the registry. Those registry settings are also available as a registry import file. |
|
Compatible by default in client mode when Internet Explorer 11 is installed. If Internet Explorer 11 is not installed TLS 1.1 and TLS 1.2 can be enabled by default within the registry. Those registry settings are also available as a registry import file. Some applications enable TLS 1.1 and TLS 1.2 without either these registry settings or Internet Explorer 11. |
|
Not compatible with TLS 1.1 or higher encryption |
|
OpenSSL |
Compatible with the most recent, stable version, regardless of operating system |
|
OpenSSL 1.0.1 and higher |
Compatible by default |
|
OpenSSL 1.0.0 and below |
Not compatible with TLS 1.1 or higher encryption |
|
Mozilla NSS |
Compatible with the most recent, stable version, regardless of operating system |
|
3.15.1 and higher |
Compatible by default |
|
3.14 to 3.15 |
Compatible with TLS 1.1, but not with TLS 1.2 |
|
3.13.6 and below |
Not compatible with TLS 1.1 or higher encryption |