TLS 1.0 Deprecation
Scheduled Maintenance
Report for Spreedly
Completed
The scheduled maintenance has been completed.
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Scheduled
The Spreedly service will stay online, however on Thursday, September 1st, 2016, at 9:30 AM Eastern Daylight Time (UTC -4), Spreedly will discontinue support of TLS1.0 . This will affect your ability to connect to Spreedly and process payments. If you have already taken steps to update how you connect to Spreedly, please disregard this message.
Spreedly is a PCI-DSS compliant payment service provider. In accordance with recommendations published by the security council and in keeping with our commitment to do everything we can to ensure the most secure platform for our customers and cardholders, core.spreedly.com will discontinue support of TLS1.0 entirely on September 1st, 2016. Most modern clients are already connecting using TLS1.2, but it will be important to confirm your application will not be affected by the removal of TLS1.0 support.
Am I affected?
Please establish a connection from your production environment to our HTTPS test endpoint, which is operating the configuration we will enable on September 1st, 2016. Here are some recommended tests you should run:
1. Test OS-installed packages
$ curl https://https-test.spreedly.com
Your client successfully negotiates TLS with Spreedly!
2. Test using the backend language and API client libraries of your application
There are many languages utilizing their own SSL/TLS libraries. The curl test may not prove your custom application will continue to work with Spreedly. Even if you are using open source libraries from Spreedly, you could still have a problem.
If you receive a connection error and see no response body, your OS or language libraries may need to be upgraded or the code that configures the library may need to change. You will not be able to continue processing payments unless this is resolved.
How do I fix this?
If you cannot establish a connection to the test endpoint, the only remediation is to upgrade the incompatible parts of your system or change how your custom application configures its libraries.
If you have any questions or concerns about this change, please contact Spreedly support: support@spreedly.com.
Spreedly is a PCI-DSS compliant payment service provider. In accordance with recommendations published by the security council and in keeping with our commitment to do everything we can to ensure the most secure platform for our customers and cardholders, core.spreedly.com will discontinue support of TLS1.0 entirely on September 1st, 2016. Most modern clients are already connecting using TLS1.2, but it will be important to confirm your application will not be affected by the removal of TLS1.0 support.
Am I affected?
Please establish a connection from your production environment to our HTTPS test endpoint, which is operating the configuration we will enable on September 1st, 2016. Here are some recommended tests you should run:
1. Test OS-installed packages
$ curl https://https-test.spreedly.com
Your client successfully negotiates TLS with Spreedly!
2. Test using the backend language and API client libraries of your application
There are many languages utilizing their own SSL/TLS libraries. The curl test may not prove your custom application will continue to work with Spreedly. Even if you are using open source libraries from Spreedly, you could still have a problem.
If you receive a connection error and see no response body, your OS or language libraries may need to be upgraded or the code that configures the library may need to change. You will not be able to continue processing payments unless this is resolved.
How do I fix this?
If you cannot establish a connection to the test endpoint, the only remediation is to upgrade the incompatible parts of your system or change how your custom application configures its libraries.
If you have any questions or concerns about this change, please contact Spreedly support: support@spreedly.com.