April 16, 2017 | Written by: Bernard Kufluk
Categorized: Internet of Things | Products
Share this post:
As part of our commitment to security, Watson IoT Platform will be withdrawing support for TLS 1.0. This helps us align with industry best practices for security and data integrity. The Watson IoT Platform will continue to support TLS 1.1 and 1.2. If you are using TLS 1.0, please upgrade to 1.1 or higher before May 30, 2017. Support for TLS 1.0 will end on or after May 30, 2017. Please note that this change affects all regions.
What is TLS?
TLS stands for Transport Layer Security. It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS, to date, are TLS 1.0, 1.1 and 1.2.
Which APIs are affected?
All HTTP based APIs, as documented here. Messaging based APIs over both HTTP and MQTT have already withdrawn support for TLS 1.0. If you have an application which is making use of these APIs then ensure to check the level of TLS that you are using – you need to ensure you’re using TLS 1.1 or 1.2. TLS 1.0 (and previous SSL versions) will stop working on or after May 30, 2017.
Why are you making this change?
Over time security protocols improve and older ones are found to have weaknesses. We want to ensure that you have a secure solution and that’s why we’re withdrawing support for the older TLS version.
NIST 800-52 Rev1 gives additional information about selection and usage of TLS versions.
Any questions or problems, please contact support.