Lithosphere The Lithium Community

Deprecation of TLS 1.0 & 1.1 Support

Lithium Staff VinhJ
Lithium Staff

 

Any issues relating to TLS 1.0 or 1.1 will not be supported and no browsers or integrations using TLS 1.0 or 1.1 will successfully connect to any Lithium community after the target EOL date. Users connecting to Lithium over TLS 1.0 or 1.1 after 2/1/19 will experience an error and won't be able to access the community.

 

Why EOL TLS 1.0 & 1.1?

 

In the interest of protecting our customers, we are shifting away from the dated, Transport Layer security protocol. TLS 1.0 was first defined 19 years ago and has since been succeeded by TLS 1.1 and 1.2. Continuing to support TLS 1.0 for our customer base represents not only a security risk for our users, but adds a maintenance burden that impacts future development and planning of the product roadmap. TLS 1.1 was introduced 12 years ago and is seeing more widespread deprecation as well. We decided to deprecate both 1.0 and 1.1 at once to minimize the number of times that our users will have to review and adjust their configurations or integrations. Ending support of TLS 1.0 and 1.1 brings Lithium in-line with industry standards as well.

 

Recommendations and Next Steps 

 

If your community's users use TLS 1.0 or 1.1, we strongly recommend reviewing your client-side setup to ensure you’re using the latest version of TLS to avoid any potential complications as we approach the target EOL date. In addition, check any custom or API integrations that you have built into our community API stack.

Below are a list of browsers that use TLS 1.2 or later (and thus will not be affected by the EOL). If your users have any trouble connecting to your community after 2/1/19, please ensure that they're on one of the following versions:

Browser TLS 1.2
Chrome 30-32+
Safari 7+
Firefox 27-33+
Internet Explorer 11+
Edge All