Hi Box Developers,
As previously communicated, Box has ended support for TLS 1.0 as of June 25th, 2018. On May 13th, 2019, starting at 8:00am PDT, Box will start blocking all TLS 1.0 traffic coming from custom Box platform applications.
To ensure the continued functionality of your applications, please test and upgrade (if needed) your application environments by following these directions in the docs. Over the last 6-12 months regular email communications have been sent to the developer, support, and admin contacts of any affected applications sending Box requests using TLS 1.0. If you have received these messages and haven't taken action, your application will be impacted by the shutoff on May 13th.
What is TLS and why is this upgrade necessary?
TLS is the protocol used when you transfer information to and from Box APIs to keep that data secure. TLS 1.0 is no longer a secure standard for sending sensitive information, which is why we are undergoing the process of blocking all TLS 1.0 traffic. It is imperative that your systems be upgraded to use at least TLS 1.2.
What will happen after May 13, 2019 if I don’t upgrade?
After May 13th Box will start to block all API requests made using TLS 1.0. All requests made to Box systems with your custom applications using TLS 1.0 will start to return errors rather than the expected API responses.
How do I upgrade my version of TLS?
- Admin / Support: Contact the developer of the application(s) listed above to begin the upgrade process or disable the application if they are unneeded. Admins may view / disable the applications through these steps.
- App Developer: Instructions on how to test and upgrade your systems is available in our developer documentation.
How do I get support for this upgrade if I have questions?
For any questions or for addition support, please file a support ticket.
Please sign in to leave a comment.