article

John Wang avatar image
John Wang Deactivated posted John Wang Deactivated edited

RingCentral Disabling TLS 1.0/1.1 for Developer APIs

What will change?

On April 30, 2021, at approximately 11:00 pm PST, RingCentral will discontinue support for TLS 1.0 and TLS 1.1 on RingCentral Developer API at https://platform.ringcentral.com/ and https://platform.ringcentral.biz. Older browsers and API clients without TLS 1.2 support will no longer work. Client-side JavaScript apps will rely on the browser version for TLS support and may also be affected.

How do I know if I'm affected?

Visit the following resources to check your browser or API client for TLS 1.2 support:

How to test yourself?

The RingCentral Developer Sandbox Environment can be used for TLS 1.2 testing as TLS 1.0 and 1.1 support have already been discontinued on that system. You can connect your app to any valid Sandbox URL or use the following root URL for testing.

You can also visit the following sites for more information on testing your browser, API client, or code for TLS 1.2 support:

For API clients, using How's My SSL, you will receive a JSON response and the "tls_version" property should say "TLS 1.2". A successful connection will result in a "ConnectionOK" (with a 200 HTTP Response Status Code) which indicates your system will work. If you receive an SSL, TLS, Connection, or Negotiation error, then you will need to upgrade your browser or language or library to continue using our services.

An example response from howsmyssl.com is shown below with the “tls_version” property.


{
   "given_cipher_suites":[
      "TLS_RSA_WITH_AES_256_GCM_SHA384",
      "TLS_RSA_WITH_AES_256_CBC_SHA",
      "TLS_RSA_WITH_AES_128_GCM_SHA256",
      "TLS_RSA_WITH_AES_128_CBC_SHA",
      "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
      "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
      "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
   ],
   "ephemeral_keys_supported":true,
   "session_ticket_supported":false,
   "tls_compression_supported":false,
   "unknown_cipher_suite_supported":false,
   "beast_vuln":false,
   "able_to_detect_n_minus_one_splitting":false,
   "insecure_cipher_suites":{},
   "tls_version":"TLS 1.2",
   "rating":"Probably Okay"
}

API library support

If you are running code that connects with the RingCentral API, it is vital to check support so that it will continue to work after the date specified above. Each language and library is different so we cannot provide information on all languages.

The following languages need significant changes/upgrades to continue working:

  • Java 6u45 / 7u45

  • .NET before 4.5 (no TLS 1.2 support)

  • .NET 4.5 (must be explicitly set to enable TLS 1.2)

  • Python 3x before 3.4

  • Python 2.x before 2.7.9

  • OpenSSL 0.9.8

Client-side JavaScript apps will rely on the browser version.

Most dynamic languages such as PHP, Python, & Ruby rely on the underlying operating system's OpenSSL version. This can be checked by checking the OpenSSL version which can be accessed using language specific code. The minimum version required is 1.0.1.

We are ready to assist you in making this change successfully in any way we can, however, since we are not experts in every language and framework, we are not able to test or fix your code for you.


Further Reading & Resources


community announcement
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Article

Contributors

Mary-Community_Moderator contributed to this article john-wang contributed to this article