How to Upgrade API Clients

Some older versions of Ruby, Python, .NET, and Java don’t have support for TLS 1.2 enabled by default, so you will need to configure them using the language-specific instructions below.

Java

If you’re using Java, you’ll need to add the following option to enable support:

API Client Upgrade for TLS 1.2 Kindly add below line of code in Java Connector where passing UserName/Password:

System.getProperties().put("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");

.NET

If you’re using .NET, you’ll need to upgrade to the latest .NET framework where TLS 1.2 is the default cryptographic standard. If you’re unable to upgrade to the latest .NET framework, you can still use TLS 1.2, but it depends on the framework version.

.NET 4.6 (and above)—You don’t need to do any additional work to support TLS 1.2, it’s supported by default.

.NET 4.5—TLS 1.2 is supported, but not the default protocol. The following code allows you to opt-in and make TLS 1.2 the default:

ServicePointManager.SecurityProtocol=SecurityProtocolType.Tls12

However, be sure to execute it before making a connection to a secured resource.

.NET 4.0—Although TLS 1.2 is not natively supported, if you have .NET 4.5 (or higher) installed on the system, you still can opt-in for TLS 1.2 even if your application framework doesn’t support it. Unfortunately,SecurityProtocolTypein .NET 4.0 doesn’t have an entry for TLS 1.2, so you’ll have to use a numerical representation of this enum value:

ServicePointManager.SecurityProtocol= (SecurityProtocolType)3072;

There is also a registry hack which forces 4.5 to use TLS 1.2 by default without enforcing it programmatically; simply change the default value of the following registry entry from0to1to get .NET 4.5System.dllto use TLS 1.2.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319: SchUseStrongCrypto to DWORD 1

.NET 3.5 (or below)—Although TLS 1.2 is not natively supported, Microsoft has released a patch for .NET 3.5 that enables support for system-default SSL and TLS versions. After installing the patch specific to your version of Windows, you must modify your registry settings.

Because this is outside the scope of this documentation, please refer to the following Microsoft Knowledge Base articles for more information:

  • Support for TLS System Default Versions included in the .NET Framework 3.5.1 on Windows 7 SP1 and Server 2008 R2 SP1
  • Support for TLS System Default Versions included in the .NET Framework 3.5 on Windows Server 2012
  • Support for TLS System Default Versions included in the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2
  • Cumulative Update for Windows 10 Version 1511 and Windows Server 2016

Python

Python 2.7.9 (and above)—TLS 1.2 is enabled by default when used with OpenSSL 1.0.1 or higher.

Note: Python 2.7.8 and below isnotcompatible with TLSv1.2; in order to interact with our web server, youmustupgrade to Python 2.7.9 or higher.

Ruby

TLS 1.2 is enabled by default when used with OpenSSL 1.0.1 or higher. Setting thessl_versionto:TLSv1_2in anOpenSSL::SSL::SSLContextensures that TLS 1.1 or earlier is disabled.

Note: Ruby version 1.9.3 and below donotinclude the:TLSv1_2symbol, but it's possible to patch Ruby to include the symbol and then compile with OpenSSL 1.0.1 or higher.