Back to All
deprecated

2019-10 TLS-1.0 Deprecation Notice

over 4 years ago by ReadMe API

From the 1st of February 2020, Lightspeed Retail (X-Series) will be deprecating the use of TLS 1.0 for any application communicating to any Lightspeed Retail (X-Series) API product. After this cutoff date, all applications communicating with Lightspeed Retail (X-Series) products must use TLS 1.1 or above.

We recommend applications upgrade to TLS 1.2 as the Lightspeed Retail (X-Series) API already has support for this.

Why is Lightspeed Retail (X-Series) making this change?

Although Lightspeed Retail (X-Series) provides our APIs via our TLS gateway, with support for TLS 1.3, TLS 1.2 and TLS 1.1, we have continued to support TLS 1.0 for legacy reasons.

For a number of reasons, the time has come to remove support for this older protocol:

  1. TLS 1.0 has some known vulnerabilities, which have been addressed in TLS 1.1 and higher.
  2. The PCI Council suggested that organizations migrate from TLS 1.0 to TLS 1.1 or higher before June 30, 2018.
  3. In October 2018, Apple, Google, Microsoft, and Mozilla jointly announced they would deprecate TLS 1.0 and 1.1 in March 2020.

We recommend all integrators should upgrade as soon as possible. We are giving integrators several months notice to act on this change.

Am I affected?

This announcement is directed towards developers integrating with the Lightspeed Retail (X-Series) APIs - developers of Lightspeed Retail (X-Series) Addon Applications, and users of Personal Access Tokens.

You should be able to verify that your framework or library can support TLS1.1+ by checking its documentation.

If you are not sure, there are various services available which can determine if your application supports TLS1.1 or TLS1.2.

One example is badssl.com:

  • If you try to connect your app to the URL https://tls-v1-1.badssl.com:1011/ using TLS 1.0, it would reject your connection.
  • Note that badssl.com is a free service, not provided by Lightspeed Retail (X-Series).

What should I do?

Most recent applications will use a library or framework to communicate via TLS. In most cases, recent versions of these libraries will already support newer versions of TLS.

We recommend moving to TLS 1.2 - it is not mandatory but it is the current version of the protocol.

An upgrade to TLS 1.1, TLS 1.2 or TLS 1.3 requires changes to the application to support the newer versions of TLS.

Further reading

Questions

If you have any further questions around this topic, please contact Lightspeed Retail (X-Series)'s API team via email [email protected] for assistance.