Security FAQs

What are the implications of deprecating TLS protocol versions 1.0 and 1.1?

This FAQ applies to both Deploy and Release—10.0 or earlier versions—that use Java 7 or earlier.

In addition to security vulnerabilities, TLS protocol versions 1.0 and 1.1 do not support modern cryptographic algorithms. The software industry (including popular browsers such as Chrome, FireFox and so on) deprecated the TLS protocol versions 1.0 and 1.1 in March 2020.

Customers are therefore advised to upgrade your sites to be able to negotiate with TLS 1.2 connections.

  • If you are using Deploy or Release 10.0 or earlier that uses JDK 7, you must upgrade to JDK 8 or 11.
  • Upgrading to JDK 8 or 11 is recommended over enabling TLS 1.2 on JDK 7.

    Note: Both Deploy and Release—10.1 and later versions—use JDK 11.