cancel
Showing results for 
Search instead for 
Did you mean: 

Another TLS Assist Request/Question

According to this:

 

https://community.developer.authorize.net/t5/Integration-and-Testing/Sandbox-URL-to-test-TLS-Update/...

 

it would appear that transaction requests submitted to https://test.authorize.net/gateway/transact.dll cannot complete if the submitting application is not TLS 1.2 compliant.

 

Have I understood this correctly?

 

My application is compiled with Visual Studio 2010 and .NET 4, which, as I understand it anyway, requires a hack to make it work with TLS 1.2. For example, I've read that if the following code (bolded) is implemented in the global.asax file of a .NET 4 application, it will use the proper protocol without incident:

 

protected void Application_Start(Object sender, EventArgs e)
        {
            // Enforce the security protocol to TLS 1.2

            //System.Net.ServicePointManager.SecurityProtocol = (System.Net.SecurityProtocolType)3072;

            Application["TotalUsers"] = 0;
            Application["CurrentUsers"] = 0;
        }

 

My quandry has to do with the fact that I just placed my app in test mode, which tests transactions against https://test.authorize.net/gateway/transact.dll and the test went through fine, i.e., I got a TEST MODE receipt from both Authorize.Net and my application.

 

As you can see, however, the required code is commented out, meaning it shouldn't have been capable of utilizing TLS 1.2?

 

I'm concerned I'm not seeing something correctly here.

 

Any help is appreciated.

 

sycomputing
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Yes if the same version of the application running on sandbox is also on the production . 

 

Also we are doing  temporary disablement of TLS 1.1/1.0 on production  on one of the following dates and time:

 

  • Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

 

  • All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time

 

You can monitor your system during these time to check if any issues are coming . 

 

 

Thanks





Send feedback at developer_feedback@authorize.net

View solution in original post

5 REPLIES 5

So this message from Richard in the thread I cited above is NOT true?

 

Re: Sandbox URL to test TLS Update
 
sycomputing
Member

Hi @sycomputing

 

 

 TLS 1.2 is enabled for sandbox  already  . 

 

https://www.ssllabs.com/ssltest/analyze.html?d=test.authorize.net

 

We are going to disable TLS 1.0/1.1 for production url  on Feb 28 , 2018 .

 

 

 

 

 





Send feedback at developer_feedback@authorize.net

Hi Anurag:

 

Thanks for your reply.

 

Then as I understand you, if my application using AIM currently successfully submits transactions via the sandbox at -

 

https://test.authorize.net/gateway/transact.dll

 

- then transactions at the production URL -

 

https://secure.authorize.net/gateway/transact.dll

 

will succeed after Feb 28th with no futher code modification on my part?

 

Is this correct?

Yes if the same version of the application running on sandbox is also on the production . 

 

Also we are doing  temporary disablement of TLS 1.1/1.0 on production  on one of the following dates and time:

 

  • Akamai-enabled API connections will occur on January 30, 2018 between 9:00 AM and 1:00 PM Pacific time.

 

  • All other API connections will occur on February 8, 2018 between 11:00 AM and 1:00 PM Pacific time

 

You can monitor your system during these time to check if any issues are coming . 

 

 

Thanks





Send feedback at developer_feedback@authorize.net

Thank you!