Checking / Updating Outbound TLS 1.2 Support

Due to changes in security, it may be necessary to update a site to use TLS 1.2 for outbound connections. Most notably for a payment gateway. Please note this only affects outbound connections and is not related to a SSL certificate that may be installed for the site.

ASP.NET

The requirements for TLS 1.2 support when using ASP.NET are ASP.NET Framework 4.5 or higher and bootstrapping code to set the TLS version.

If a site is using an ASP.NET Framework older than 4.5 it will need to be updated. Note this is a project update rather than the ASP.NET Framework version set in the Everleap Control Panel.

To set the TLS version for an outbound connection, add the following to the script making the connection or the global.asax:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

More information regarding the last update can be found after the link https://stackoverflow.com/q/28286086. Also note that the bootstrapping code would have to be updated if TLS requirements were to change in the future.

PHP / cURL

For PHP, TLS 1.2 support is dependent on the version of PHP set for the site. Which should be set to 5.5 or newer in the Everleap Control Panel.

Everleap Control Panel > Sites > Manage (applicable domain if multi-site) > Settings > PHP

To test TLS 1.2, the script in zcurl.zip may be used: zcurl.zip

Article ID: 1521, Created: 6/27/2018 at 3:20 PM, Modified: 3/4/2020 at 4:33 PM

Checking / Updating Outbound TLS 1.2 Support

Was this article helpful?

Share this article