Our move to disable insecure web protocols has been ongoing for several years, and in August 2015 we announced plans to disable the TLS 1.0 and 1.1 protocols.
If you are using a client that has not been updated to support TLS 1.2, you may see errors such as this on a Windows environment:
An error occurred while making the HTTP request to [URL] This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.
With a Java client you may see errors such as:
java.net.SocketException or possibly
java.io.IOException in conjunction with a connection drop.
To enable TLS 1.2 on Java 7, you may set a system parameter:
And you may add in code:
In spite of any error indicating a possible certificate issue, this has nothing to do with certificates.
In .NET 4.6, TLS 1.2 is enabled automatically and so negotiation with AssureSign to use TLS 1.2 should occur automatically in that scenario. So targeting and rebuilding your .NET application with .NET 4.6 will work.
If you are using .NET 4.5 and up (4.5.1/4.5.2), you can still enable negotiation to use TLS 1.2, but it will require a code change since the TLS 1.2 protocol is available but disabled by default in that version of .NET. In this scenario, you may add the following in order to allow correct negotation:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Tls11 | System.Net.SecurityProtocolType.Tls12;
With .NET 4.5, it may also be possible to force TLS 1.2 to be used through a registry change.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001
All AssureSign published client applications were rebuilt in early 2016.
AssureSign Published Applications
The following AssureSign tools have been updated in 2016 to support communicating over TLS 1.2. The latest versions may be accessed here: