cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

CyberSource TLS 1.2

jimc28571592
New Here ,
Sep 06, 2017 Sep 06, 2017

Copy link to clipboard

Copied

Hi,

We got this notice from CyberSource:

I assume this means we have to limit outbound CFHTTP calls as TLS 1.2

Can someone provide information on:

1. How we can configure this

2. How we can actually test this, like using a script to output which version of TLS we are connecting with?

Thanks!

Dear Valued Merchant,

As previously announced, CyberSource is moving to eliminate support of Data Encryption Standard (also known as "3DES" or "Triple DES") security ciphers for securing browser based as well as server-to-server communication channels.

All merchants opening secure browser-based connections to CyberSource web portals and/or server-to-server connections to our transaction processing endpoints will need to ensure that they are not using DES-based ciphers to establish the necessary TLS connections to CyberSource, prior to the termination date, to avoid possible Production impact.

Note:  These ciphers have already been disabled in our CAS, or Sandbox, environment so you may test connections there to help ensure continued connectivity.

Our current schedule for terminating support of DES-based ciphers in these connections will be on September 26, 2017 during one of our routine Network maintenance windows.  If your systems utilize DES-based ciphers – and cannot support more modern/secure options - after this change is made, your transactions to CyberSource will fail.

Please make note of this upcoming change and take any needed actions to ensure that your connections to CyberSource properties make use of industry best practices.  These would include using the TLS v1.2 protocol for secure connections, secured by a current and secure cipher suite.

Should you have further questions about this change, please refer to our Knowledgebase article on the subject of upcoming Security updates, which can be found here:

     http://support.cybersource.com/cybskb/index?page=content&id=C1743

If further clarification is required, you may also reach out to our CyberSource Customer Support team via your usual methods.

Thank You,

CyberSource Customer Support

Views

856

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
nic_tunney
Engaged ,
Sep 07, 2017 Sep 07, 2017

Copy link to clipboard

Copied

LATEST

You'll need the proper JVM version to use TLS 1.2 (CF10 - v1.8, CF11, v1.7+).  CF10 will use the JVM's default connection (TLSv1.2).  You can force usage of TLS v1.2 in CF11 using JVM args in the CF Admin by specifying something like -Dhttps.protocols=TLSv1.2.

To test it sounds like you could utilize the sandbox environment at Cybersource.

-Nic

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices