TLS 1.0/1.1 Deprecation
On August 23, 2018 we will no longer support Transport Layer Security (TLS) versions 1.0 and 1.1. All API requests using the HTTPS protocol must use TLS 1.2.
What will happen if you do not update
Why we are doing this
TLS is a cryptographic protocol that describes how computers can securely communicate with each other. TLS 1.0 and TLS 1.1 are several years old and use hashing functions that have known vulnerabilities. Further TLS 1.0 is no longer recommended by the National Institute of Standards and Technology (NIST) and will no longer be PCI compliant as of June 30th.
To ensure the most secure experience for our clients and their end-users, we will no longer be supporting TLS 1.0 and TLS 1.1 starting on August 23, 2018.
How to determine if you are affected
To be affected, you must be using any of the following Bazaarvoice products:
- Conversations API
- Notifications Subscriptions API
- Displayable Content Service (DCE)
- Curations API
- Privacy API
- Mobile SDK
- Response API
If you are using any of the products listed above, you may be affected if you use HTTPS to make requests as shown in the example below:
If you are using HTTPS, that means your application is connecting to Bazaarvoice using TLS.
You must further investigate to determine which version of TLS your application is using. If it is not TLS 1.2, then you must upgrade your application to use that version.
This is a security requirement that applies across our platform, and we are unable to make exceptions.
Please contact us for additional assistance.
We apologize for any inconvenience this may cause and appreciate your support.