Guidance on Updating Code for TLS 1.2

Starting June 18th, 2018, the aWhere API requires calling code and programs to use TLS 1.2 (Transport Layer Security). Code and packages using TLS 1.0 or 1.1 will no longer work.

If you are utilizing up-to-date packages and libraries, such as Java 8 or R curl 3.0+, no action is necessary. If you are using older libraries then you may need to update to continue using the aWhere API.

On This Page...

Java

Java 8 uses TLS 1.2 by default, along with recent versions of Java 7. If you are using Java 7 or Java 6 and have trouble using the API, try the following system property:

-Dhttps.protocols=TLSv1.2

Or alternatively set it programmatically:

System.setProperty(“https.protocols”, “TLSv1.2”);

Users on older JDKs will need to update. For more information and alternative solutions for Java 6 and 7, see this documentation.

Python

To check the version of TLS in use by python, run the following two console commands:

python -m pip install --upgrade requests
python -c "import requests; print(requests.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version'])"

If python reports TLS 1.2 you will be able to use the API. If 1.0 or 1.1 is reported, you will need to update Python. For more information related to this and simliar issues in python, go here.

R

If you are using R, you will need the curl package version 3.0 or higher. The latest package information is available on CRAN, and may be installed with:

install.packages('curl')

For details on the package's support for TLS 1.2, see this blog post.

Microsoft .NET

Older versions of .NET 4.x default to a version of TLS less than 1.2. To specify TLS 1.2:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Here are some alternative solutions if the above code doesn't work.