What is TLS?
Transport Layer Security (TLS) is a protocol that encrypts communications between computer systems across the internet to keep them safe from malicious activity.
What change is taking place?
Due to a series of vulnerabilities in early versions of Transport Lyer Security (TLS) CINgroup is disabling support of TLS 1.0 and TLS 1.1.
This change is being made to ensure the highest level of security is being used. The PCI Security Council sets the rules on which technologies are acceptable for use in sending cardholder data. They have identified TLS 1.0 or 1.1 as no longer acceptable.
Will I be impacted?
Outdated operating systems and browsers will no longer be supported, specifically Windows XP and VISTA and servers prior to Windows 2008 (non R2). You can verify your system and browser by using Internet Explorer and accessing: https://ssltest.cingroup.com/
- If successful, you will see a green window with the message, “SSL Test Passed”
- If unsuccessful, you will see a red window with the message, “SSL Test Failed”
NOTE: Testing with any browser other than Internet Explorer in Windows invalidates the results of the test as our applications use the native Windows components. For example, accessing https://ssltest.cingroup.com with Google Chrome or Mozilla Firefox would not be considered a valid test. You must access this URL only using Internet Explorer.
What will you need to do?
CINgroup is requiring an upgrade to TLS 1.2 beginning June 1st, 2018, in order to align with industry best practices for security and data integrity. Please consider upgrading your browsers to the latest version prior to this date to ensure compatibility to CINgroup products and services.
The following is a reference minimum version compatibility chart for TLS 1.2 standards.
|Operating System Version||Web Browser||Applications and Frameworks|
|Windows 7*||Internet Explorer v11||OpenSSL 1.01|
|Windows Server 2008 R2*||Internet Explorer Edge||JDK 8|
|Windows 8*||Google Chrome v30||.NET 4.6|
|Windows Server 2012||Mozilla Firefox v27||Apache 2.2.23|
|Windows 8.1||Apple Safari v7|
|Windows Server 2012 R2||Opera v17|
|Windows Server 2016|
|CentOS 6 / RHEL 6|
|Mac OS X 10.9|
* TLS 1.2 not enabled by default