Showing results for 
Search instead for 
Did you mean: 

TLS 1.2 Migration


I received an email about "Important TLS 1.0 Disablement ".


1- We are using Authorize.Net on our Joomla / PHP website.

    Our web site is hosted on the Windows Server 2012 R2.


To verify my changes I setup sandbox and test server but sandbox doesn’t response to any test transaction. 



What updates should be done from our side to make the website work with




Hi @msamama2018


Please have a look at our TLS 1.2 FAQs


Reach out to our CS teams at 1.877.447.3938  if need more information . 



Send feedback at
Moderator Moderator

As a start you could create a simple function to check the status of your server's TLS:

using System;
using System.Net;
using System.IO;

namespace howsMySSL
    public partial class Default : System.Web.UI.Page
        protected void Page_Load(object sender, EventArgs e)
            System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
            var response = WebRequest.Create("").GetResponse();
            var responseData = new StreamReader(response.GetResponseStream()).ReadToEnd();


Or with PHP :  

$ch = curl_init('');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);

$json = json_decode($data);
echo $json->tls_version;

The JSON reponse should show something like the following: 

{"given_cipher_suites":["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_DHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256","TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_GCM_SHA384","TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA256","TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA","TLS_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_3DES_EDE_CBC_SHA"],"ephemeral_keys_supported":true,"session_ticket_supported":true,"tls_compression_supported":false,"unknown_cipher_suite_supported":false,"beast_vuln":false,"able_to_detect_n_minus_one_splitting":false,"insecure_cipher_suites":{},"tls_version":"TLS 1.2","rating":"Probably Okay"}

If the tls_version is less than TLS 1.2, then some server configuration needs to be addressed(with Windows 2102, this shouldn't be the case), else you can then check your cURL / OpenSSL / NSS version with the following:

$curl_info = curl_version();
echo $curl_info['ssl_version'];

OpenSSL includes support for TLS v1.2 in OpenSSL 1.0.1

NSS included support for TLS v1.2 in 3.15


Powered by -
Certified developers
Trusted Contributor

We have updated our server for TLS 1.2... The changes were tested and working successfully as applications on this machine are calling UPS API, who have already enforced TLS 1.2... However, we are still worried as we are using an old DLLs from Authorize.Net for Asp.Net framework 2.0 named ETransact.dll (version 1.0.2307)... We doubt that DLL may have issues in making TLS 1.2 connection...


The DLL allows switching between test/live modes... I performed a payment in the test mode, which was successful... But I am not sure, when I am making a payment in the test mode, then I am hitting the sandbox URL to test TLS 1.2, or I need to hit some other endpoint... And, if I need to hit some other endpoint, then what choices do I have... I can not change the service endpoint within DLL...






You should know completely the functionality of any DLLs, that your application is using, especially one as old at that. One way is decompile the DLL and see exactly what is happening and if need be, rewrite it to suite your purposes. 


if you must use the SDK, it would be recommended to upgrade to the newest version.

Powered by -
Certified developers

I decompiled the DLL, and found that it is hitting following URL in Live mode:

and the following URL in Test mode:


The sandbox URL provided by Authorize.Net to test TLS 1.2 is:


I can not make changes to the dll to hit the sandbox URL provided by Authorize.Net to test TLS 1.2... What option do I have for performing the test?






Build your own DLL that calls the correct API endpoint or use the newest version of the SDK.

Powered by -
Certified developers

What is the recommended way to post to API endpoint... Is it essential to build a DLL... Can we write the code, which directly performs the post to API endpoint... Are there any guidelines available?

Yes, you can write the code that posts directly to the endpoint, in many cases that is the better solution.

Powered by -
Certified developers

Are there any guidelines available to perform post directly from the code... And, is there a sample code available in asp and to post directly...