cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
New

API requests made with TLS 1.0.

I am trying to call out to a third party site. It works fine locally but when on the hosted site, it returns this error and tells me to update to TLS 1.2 or later. How do I set this up?

9 REPLIES 9
Moderator
Moderator

Re: API requests made with TLS 1.0.

Hey @LDupee,

 

What exactly is the error message being returned when trying to connect to the API? Also, I think members might be better able to suggest how to complete the setup of your API connection if they had a little more detail about the specific API you're trying to connect to as well as what type of hosting plan this was for? 

 

CG - GoDaddy | Community Moderator
24/7 support available at x.co/247support
New

Re: API requests made with TLS 1.0.

I am attempting to connect to Stripe through stripe.net, available through nuGet. Locally it works just fine. When I attempt to do it through the site, it fails with the message "Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later". It appears that the IIS setting needs to be updated.

New

Re: API requests made with TLS 1.0.

More specifically, the windows server running IIS looks to need registry changes to allow support for TLS 1.2

Moderator
Moderator

Re: API requests made with TLS 1.0.

Hey @LDupee,

 

Just responded to your other discussion on This page can’t be displayed Turn on TLS 1.0, TLS 1.1, and TLS 1.2. It seems like these two issues are related so to avoid any further confusion I'd recommend continuing the discussion here.

 

Since I wasn't aware the hosting plan was using Windows, it sounds like you're on an older Web Hosting plan as TLS is primarily a feature used on our cPanel Linux hosting plans. You might not be able to accomplish this within your current hosting plan.

 

CG - GoDaddy | Community Moderator
24/7 support available at x.co/247support

Re: API requests made with TLS 1.0.

This the reply from the extension creator. The extension is Stripe Payment Gateway installed on Opencart 2.3.0.2. I got the same error as the other rfh on this thread. 
 
"Thanks for your inquiry. What you'll want to do is contact your web host and ask them to disable SSL and TLS 1.0 (and possibly 1.1) on your server. That way all CURL calls on your site (not just my extension) will be using the more secure TLS 1.2 as they should."
 
Can I implement this change or does this have to be done by Godaddy tech? 
Moderator
Moderator

Re: API requests made with TLS 1.0.

Hey @tekland,

 

If you're currently hosting on a cPanel/Plesk shared hosting plan you should have access to use TLS 1.0, 1.1, and 1.2. However, if you're on an older Classic/Web hosting plan, these plans will only support TLS 1.0 at this time. 

 

I just recently had these details confirmed from our hosting admins. 

 

CG - GoDaddy | Community Moderator
24/7 support available at x.co/247support
New

Re: API requests made with TLS 1.0.

I had the same issue, and what helped me was simply upgrading the PHP version to 5.6.28.

good luck 🙂

New

Re: API requests made with TLS 1.0.

I came across this thread in a mad scramble to try to become TLS 1.2 compliant for our sites' use of the STRIPE payment API.

 

changing my PHP versions did NOT work though.  Was there anything else  you remember changing?

New

Re: API requests made with TLS 1.0.

@tekland -- did you ever get an answer to your question here?  Im trying to accomplish the same thing and cant see where to control TLS 1.0 vs TLS 1.2

 

Thanks!

 


@tekland wrote:
This the reply from the extension creator. The extension is Stripe Payment Gateway installed on Opencart 2.3.0.2. I got the same error as the other rfh on this thread. 
 
"Thanks for your inquiry. What you'll want to do is contact your web host and ask them to disable SSL and TLS 1.0 (and possibly 1.1) on your server. That way all CURL calls on your site (not just my extension) will be using the more secure TLS 1.2 as they should."
 
Can I implement this change or does this have to be done by Godaddy tech?