Subject: Deprecation of Obsolete TLS 1.0 and TLS 1.1 Versions – Updated April 16, 2019


Transport Layer Security (TLS) is a critical cryptographic protocol that provides authentication and data encryption between different endpoints (for example, the user’s desktop and the application server) and secures HTTPS. To best safeguard this Web traffic, it is important to use current and more secure versions of the TLS protocol. The legacy TLS 1.0 and 1.1 versions, which date back to 1999, account for a very small percentage of Web traffic today, and various vulnerabilities (such as POODLE and DROWN) have been found in these legacy versions in recent years. TLS 1.2 was published in 2008 to address weaknesses in TLS 1.0 and 1.1 and has enjoyed wide adoption since then.

With the recent finalization of TLS 1.3 by the IETF in August 2018,Apple, Google, Microsoft, and Mozilla announced the end of support for TLS 1.0 and 1.1 in Chrome, Edge, IE, Firefox, and Safari. In line with these industry standards, Ex Libris will deprecate TLS 1.0 and TLS 1.1.

This change - together with similar actions from Microsoft, Apple, Google, and Mozilla - supportbetter performance, more secure connections, and helpsadvance a safer Web experience.

We understand that the security of your data is important, and we are committed to transparency about changes that may affect your use of the TLS service.

After Ex Libris deprecates TLS 1.0 and TLS 1.1, any inbound or outbound connections that rely on these protocols will fail.

Schedule of TLS 1.0 and TLS 1.1 Deprecation
Product Effective Date
campusM Completed
Pivot Completed
360 Completed
Alma May 31, 2019
Research Professional June 30, 2019
SFX July 31, 2019
Ex Libris Websites August 31, 2019
RefWorks June01, 2021

Affected Systems

All systems and products that useSSL certificates are affected by this change.

Required Configurations for Hosted Systems

Ex Libris will deploy the required configuration to all Ex Libris cloud servers.

Required Configurations for On-Premise/Local Systems

Ex Libris recommends that customers with on-premise/local systems follow their server vendor’s instructions and disable TLS 1.0 and TLS 1.1.

For customers using load balancer, follow your vendor’s instructions.

For customers using Apache SSL configuration, see Ex Libris best practice for TLS configuration in Apache.

announced the cessation of support for TLS 1.0 and 1.1 in their respective browsers (Chrome, Edge, IE, Firefox, and Safari) in alignment with these standards.

  1. Industry-wide Support for Deprecation: Notably, Ex Libris, alongside Microsoft, Apple, Google, and Mozilla, has taken steps to deprecate TLS 1.0 and 1.1. This concerted effort is aimed at enhancing performance, establishing more secure connections, and fostering a safer web experience.

  2. Timeline for Deprecation: The article provides a schedule for the deprecation of TLS 1.0 and TLS 1.1 for various Ex Libris products, with effective dates ranging from May 31, 2019, to August 31, 2019.

  3. Affected Systems: All systems and products utilizing SSL certificates are affected by this deprecation. The article emphasizes the importance of this change for maintaining security and outlines additional information resources.

  4. Additional Information: References to external sources, such as Wikipedia, Mozilla's security blog, and a ZDNet article, offer supplementary information on TLS, its evolution, and industry-wide efforts to discontinue older versions.

  5. Required Configurations: The article provides guidance on required configurations for both hosted and on-premise/local systems. Ex Libris commits to deploying necessary configurations for its cloud servers and advises customers to follow server vendor instructions for on-premise/local systems.

In conclusion, the deprecation of TLS 1.0 and TLS 1.1 signifies a collective industry push towards more robust security standards. This move aligns with the continuous evolution of cryptographic protocols to counter emerging threats and vulnerabilities.

Are TLS 1.0 and 1.1 deprecated? ›

The internet standards and regulatory bodies have deprecated or disallowed TLS versions 1.0 and 1.1 due to several security issues. Starting with Windows 11 Insiders Preview and Windows Server Insiders Preview releases in 2024, they will be disabled by default.

How to disable TLS 1.0 and 1.1 on Windows Server 2019 registry? ›

Create a key named "TLS 1.1" with two DWORDs for both TLS 1.0 & 1.1: "DisabledByDefault=1" & "Enabled=0". Similarly, create a key named "TLS 1.0" with two DWORDs for each protocol, "DisabledByDefault=1" & "Enabled=0".

Will no longer support TLS 1.0 and 1.1 Office 365? ›

On August 1, 2023, Microsoft announced that support for TLS 1.0 and 1.1 will be removed from future Windows releases. This change has been on the horizon for a while. Microsoft recommended services upgrade away from TLS 1.0 and 1.1 by the end of 2020.

When was TLS 1.1 end of life? ›

End of Support Notice: Disabling TLS 1.0 and 1.1
VersionRevision DateDescription
1.1January 24, 2024The end of support date was extended from December 31, 2023 to April 1, 2024.
1.0August 31, 2023The notice was introduced with an original end-of-support date of December 31, 2023.
1 more row

Why TLS 1.0 is not secure? ›

TLS 1.0 and 1.1 are vulnerable to downgrade attacks since they rely on SHA-1 hash for the integrity of exchanged messages. Even authentication of handshakes is done based on SHA-1, which makes it easier for an attacker to impersonate a server for MITM attacks.

Which version of TLS is no longer supported? ›

Transport Layer Security (TLS) is an online security protocol that provides a secure connection by encrypting all data between servers and email clients. Due to increased attacks and security vulnerabilities in previous years, we will no longer support TLS versions 1.0 and 1.1.

How to check if TLS is enabled or not? ›

-Press the Windows key + R to start Run, type regedit, and press Enter or click OK. -If you can't find any of the keys or if their values are not correct, then TLS 1.2 is not enabled. I hope this information helps.

Is TLS 1.0 enabled by default on Windows 2019? ›

According to this documentation by default TLS 1.0, 1.1 and 1.2 are enabled in Windows Server 2019. TLS 1.3 is only supported in Server 2022 and newer versions. Further this documentation states that TLS 1.0 and 1.1 are only disabled by default starting with Windows 11 (and Server 2022 i guess) in 2024.

How to remediate weak SSL TLS key exchange? ›

5 answers
  1. Click Start, click Run, type regedit in the Open box, and then click OK.
  2. Locate and then click the following subkey: *HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms*
  3. On the Edit menu, point to New, and then click Key.

How do I enable SSL 3.0 TLS 1.0 TLS 1.1 and TLS 1.2 in advanced settings? ›

Open the Tools menu (click on the tools icon or type Alt - x) and select Internet options. Select the Advanced tab. Scroll down to the bottom of the Settings section. If TLS is not enabled, select the checkboxes next to Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2.

Does Outlook 365 use TLS? ›

Office 365 and TLS overview

The Office client can use TLS 1.2 if the web service of the local computer can use TLS 1.2. All Office clients can use TLS protocols, as TLS and SSL protocols are part of the operating system and not specific to the Office client.

What is the newest version of TLS? ›

What is the difference between TLS 1.3 and TLS 1.2? TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL.

Is TLS 1.0 and 1.1 safe? ›

The marking of sites on TLS 1.0, is significant because 68% of websites still support TLS 1.0 which is insecure due to multiple vulnerabilities. If your web site uses a TLS 1.0 or 1.1 website, as of January 13, 2020 it will display the following warning, and in 2021 Chrome will not load websites with TLS 1.0 or 1.1.

What is the difference between SSL and TLS? ›

However, SSL is an older technology that contains some security flaws. Transport Layer Security (TLS) is the upgraded version of SSL that fixes existing SSL vulnerabilities. TLS authenticates more efficiently and continues to support encrypted communication channels.

Is TLS 1.0 still used? ›

TLS 1.0 and 1.1 were formally deprecated in RFC 8996 in March 2021.

Is TLS 1.2 obsolete? ›

Effective April 2, 2024 Calabrio will deprecate Transport Layer Security (TLS) 1.1 and weak Secure Sockets Layer (SSL) and TLS 1.2 ciphers. This communication provides you with comprehensive information about these changes, their impact, and the necessary steps you need to take.

What is the latest TLS version? ›

What is the difference between TLS 1.3 and TLS 1.2? TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL.

