Updating Your Production Environment to Support TLSv1.2

Update (June 26, 2018): All requests made to Braintree servers using older versions of TLS are now blocked.
Update (01/2018): To ensure we meet the PCI requirement by the end of June 2018, Braintree has set a deadline of June 26, 2018, to drop support for TLS versions less than 1.2.

Over the past year or so, you may have received notifications or read blog posts from Braintree, PayPal, or other payment processors about the impending TLSv1.2 upgrade to be PCI compliant. Braintree will be upgrading its services to require TLSv1.2 for all HTTPS connections.

The good news is that many of you are already communicating with Braintree via TLSv1.2. To make sure that’s the case, we put together some documentation to help validate your production setup.

Some SDK languages require that you upgrade to a minimum SDK version as well as checking your environment:

Braintree SDK TLSv1.2 supported version
Java SDK 2.67.0
.NET SDK 3.1.0
Android 2.x SDK 2.1.0
Android 1.x SDK 1.7.6

Others languages will not require an SDK upgrade, but you still need to check your production system:

Language
Ruby
PHP
Python
Node.js
iOS

Please have a look at the relevant instructions on testing your setup. If you are not communicating over TLSv1.2, you’ll need to upgrade your production operating systems, encryption libraries, runtime environments, and/or SDKs to communicate to Braintree over TLSv1.2. We will stop accepting connections made via TLSv1.0 and TLSv1.1 when the update to require TLS 1.2 goes into effect.

We’ll be updating the Braintree sandbox environment on December 13, 2016.

If you have any questions, please contact us -- we’re always happy to help.

***
Jeff Brateman Jeff is an engineer focused on improving the lives of developers. He's passionate about automation and efficiency, as well as biking, hiking, and teaching his dogs new tricks. More posts by this author

You Might Also Like