Webex Platform Disabling TLS 1.1

Beginning April 27, 2019, the Webex platform will require that API clients use the Transport Layer Security (TLS) 1.2 protocol. To align with industry best practices for transport security, the TLS 1.1 encryption protocol will be disabled on all endpoints. TLS 1.0 was disabled on March 17, 2018.

Our internal telemetry of API connections indicates that very few API clients are using TLS 1.1. To prevent any service disruption between your applications and the Webex platform after April 27, ensure that your applications' server operating system, libraries, and frameworks support TLS 1.2. Consult the documentation for your applications' libraries and frameworks to ensure that they support TLS 1.2.

If your applications do not automatically use TLS 1.2, you will need to explicitly configure it. Please see below for information about common languages and libraries:

Java

Java 1.7: TLS 1.2 is supported, but it needs to be explicitly enabled when creating SSLSocket and SSLEngine instances.

Java 1.8: TLS 1.2 is the default.

See https://blogs.oracle.com/java-platform-group/jdk-8-will-use-tls-12-as-default for more details.

Ruby

Ruby uses the system's OpenSSL package. TLS 1.2 support was added and made the default in OpenSSL 1.0.1.

You can check the version of OpenSSL that your Ruby links against by running: ruby -ropenssl -e 'puts OpenSSL::OPENSSL_LIBRARY_VERSION'

Python

Python also uses the system's OpenSSL package. TLS 1.2 support was added and made the default in OpenSSL 1.0.1.

You can check the version of OpenSSL that your Python links against by running: python -c 'import ssl; print(ssl.OPENSSL_VERSION)'

.NET Framework

See https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls for details about TLS in .NET applications.

cURL

Support for TLS 1.2 was added in cURL 7.34.0.

If you have any questions, our Webex Developer Support Team is available to help. Please contact them with your question or concern.