Skip to main content
ExLibris

 

  • Subscribe by RSS
    • Back
    Aleph
    Ex Libris Knowledge Center

    Message sent to Ex-Libris-hosted Aleph customers about TLS 1.0 and 1.1

    1. Last updated
    2. Save as PDF

     

    • Product: Aleph
    • Product Version: 20, 21, 22, 23
    • Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care

     

    Description

    A change will be implemented in your Ex-Libris-hosted Aleph environment by May 31, 2019:  Support for TLS 1.0 and 1.1 will be removed; TLS 1.2 or 1.3 will be required.   (TLS is part of https; it's not involved in http.)

    Resolution

    [Note:  To see what version of TLS you have, open an Internet Explorer https session and then right-click on the page and select Properties.  There will be a "Connection" line beginning with "TLS 1.n".]  

    There will be no service interruptions during the implementation process, but the change can impact the system’s behavior of some of your end-users.

    This change - alongside similar announcements from Microsoft Apple, Google, and Mozilla - supports better performance, secure connections, and  helping advance a safer web experience.  We understand that the security of your data is important and we are committed to transparency about changes that may affect your use of the TLS service.

    After Ex Libris deprecates TLS 1.0 and TLS 1.1, any inbound or outbound connections that rely on these protocols will fail. 

    Overview
    Transport Layer Security (TLS) is a critical cryptographic protocol that provides authentication and data encryption between different endpoints (for example, the user’s desktop and the application server) and secures HTTPS. To best safeguard this web traffic, it is important to use current and more secure versions of the TLS protocol. The legacy TLS 1.0 and 1.1 versions, which date back to 1999, account for a very small percentage of web traffic today and various vulnerabilities (such as POODLE and DROWN) have been found in these legacy versions in recent years.  TLS 1.2 was published in 2008 to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then.

    With the recent finalization of TLS 1.3 by the IETF in August 2018 - Apple, Google, Microsoft, and Mozilla announced end of support for TLS 1.0 and 1.1 in Chrome, Edge, IE, Firefox, and Safari. In line with these industry standards, Ex Libris will deprecate TLS 1.0 and TLS 1.1.

    Full details about this topic can be found in knowledge article:  https://knowledge.exlibrisgroup.com/...ril_16%2C_2019

    In case you have any questions, feel free to contact your Ex Libris Support Team any time.

     

     

    • Article last edited: 14-May-2019