From 30th November 2016 (PST), Freshdesk will be moving away from the TLS 1.0 version and will disable the encryption protocol across all its services. The deprecation will have effects on all Freshdesk customers currently using TLS 1.0, and it is advised that you check if you're going to be affected. This solution article will walk you through steps on how you can check if this change affects your business.
Described below are the compatibilities across Desktop Browsers and Mobile Operating Systems.
Desktop browser compatibility
1. Internet Explorer: Desktop versions of IE 8,9 and 10 are TLS compatible if you are running Windows 7 or higher, but not by default. Future versions of Internet Explorer are compatible by default. Achieve compatibility by following the guide here.
2. Mozilla Firefox: Versions 23 through 26 are compatible, but not by default. Use about:config to enable TLS 1.1 or TLS 1.2 by updating the security.tls.version.max config value to 2 for TLS 1.1, or 3 for TLS 1.2. All future versions of Mozilla Firefox are TLS 1.0+ compatible by default.
3. Google Chrome: All versions of Google Chrome above version 38 are compatible by default.
4. Safari: Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher are, compatible with TLS 1.1 and higher, by default.
Verify your browser compatibility
To verify compatibility for TLS 1.1/TLS 1.2 for your browser, go to this link and if you are able to view a webpage shown below with the message TLS1.1/TLS1.2 Upgrade Test Passed, then your browser is compatible with Freshdesk. Internet Explorer users can achieve compatibility by following the guide here.
Mobile compatibility
Devices running Android OS versions lower than 4.1 are not compatible with TLS versions higher than 1.0. Therefore, the Freshdesk Android app will stop working on devices running these versions of the operating system. Users are advised to upgrade their operating systems to continue using the app.
Devices running Android 4.1 to 4.4 need to be on version 3.5 or higher of the Android app to continue using Freshdesk. Users running Android versions 5.0 or higher will not face any issues and can continue using the existing version of the app installed on their device or upgrade to version 3.5 of the app.
The iOS app will continue to work seamlessly on compatible iOS versions (iOS 8 and above).
Once you have ensured that your Browser/OS will not be affected by the eventual deprecation of TLS, you can follow the steps below to run a compatibility test on your Integrations/API clients (if applicable)
Steps to check for API compatibility
Set up an API client in a test environment. This could be any software that you are using to integrate to Freshdesk or any custom integration code that you have written.
In that test environment, change the API client's endpoint hostname from yourdomain.freshdesk.com to tlstest.freshdesk.com.
If you see a '401 Unauthorized' error, then this test passed. This response means that the underlying TLS connection was successful, despite the '401 Unauthorized' error.
If you instead see an error message that involves TLS or https, then the test has failed. Your API client will require adjustments or upgrades. Please check with your client's documentation on how to upgrade to TLS 1.1 or TLS 1.2 support.
Example using cURL
This is how the output would look when connected from cURL.
(The following test cases were run on cURL version 7.50.0)
Failure case
curl -v -XGET https://tlstest.freshdesk.com/api/v2/tickets --tlsv1.0
Output
* Server aborted the SSL handshake * Closing connection 0 curl: (35) Server aborted the SSL handshake |
Successful case
curl -v -XGET https://tlstest.freshdesk.com/api/v2/tickets --tlsv1.1
Output
HTTP/1.1 401 Unauthorized …. …. * Connection #0 to host tlstest.freshdesk.com left intact {"code":"invalid_credentials","message":"You have to be logged in to perform this action."} |
If you've got any additional queries, just drop a mail to [email protected]