We will be removing support for TLS 1.0 and 1.1 in our US and German data centres. This will happen shortly after Thursday, February 27, 2020 at 10:00 UTC.
This will affect all HTTPS traffic to the following hostnames:
Only a small fraction of traffic currently uses TLS 1.0 and 1.1, the vast majority are already using TLS 1.2 which will continue to be supported.
From our impact analysis, those not already using TLS 1.2 split into two groups: older Exchange servers and a handful of API customers.
For Exchange servers we will be shifting to a separate hostname which will continue to support TLS 1.0 and 1.1. Older Windows servers running Exchange do not support TLS 1.2 and so we cannot retire 1.0 and 1.1 from the entirety of our stack. The notifications we receive from these servers do not contain sensitive information and so we have deemed the risk is acceptable for continued service.
For our API customers, we have identified those currently using TLS 1.0 or 1.1 and will be in touch with them shortly to ensure they are aware of this change and to assist with any migration that is needed.
Prior to the full switch over, we will remove support for TLS 1.0 and 1.1 on the mentioned hostnames for roughly 3 hours on Thursday, February 20, 2020 between 12:00 and 15:00 UTC.
Jan 29, 11:28 GMT