Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UPS - Upgrade to use TLS 1.1 or TLS 1.2 #2754

Closed
rahatur opened this issue Nov 30, 2017 · 9 comments
Closed

UPS - Upgrade to use TLS 1.1 or TLS 1.2 #2754

rahatur opened this issue Nov 30, 2017 · 9 comments

Comments

@rahatur
Copy link

rahatur commented Nov 30, 2017

We recently started to receive this (403) Forbidden exception on the DoRequest method of the UPSComputationMethod.cs file. Further investigation reviled that the exceptions were thrown by the UPS API at random. For the same address sometime we get response sometime we don’t. When we contacted the UPS support team they gave the following reply:

"_Currently, all of the CIE (test) environment servers have be updated to only accept TLS 1.2 requests.

UPS will be making changes to the Production servers beginning September 1, 2017 through December 31, 2017 to support enhancing our security. During this time, you may see intermittent failures for transactions using TLS 1.0 or earlier.

As of October 10, 2017, 50% of all API servers have been transitioned over to ignore any traffic using TLS 1.0.

Effective 12/31/2017, UPS will only accept TLS 1.1 and TLS 1.2 security protocols. It is highly recommended that the most current version, TLS 1.2, be implemented. After that date, any communication requests submitted to UPS using older protocols (TLS 1.0 or earlier) will fail._"
@AndreiMaz
Copy link
Member

@rahatur what version of nopCommerce are you using?

@rahatur
Copy link
Author

rahatur commented Nov 30, 2017

I am using version 3.3

@AndreiMaz
Copy link
Member

it's the issue. It was fixed in later versions

@AndreiMaz
Copy link
Member

please see global.asax file in 3.90 where we set it

@rahatur
Copy link
Author

rahatur commented Nov 30, 2017

Got it.
//most of API providers require TLS 1.2 nowadays
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

Adding that should be enough right?

@AndreiMaz
Copy link
Member

yes

@vijjendra
Copy link

I am using nop version 3.5, may I know where I can place below line of code
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
When I have tried to put this in global.ascx under
protected void Application_Start(){
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
}

still I face the problem, may I know how to resolve this TLS 1.2 related issue in Nop 3.5

@rahatur
Copy link
Author

rahatur commented Mar 8, 2018

For nopcommerce 3.3 I placed in as the first line in the Application_Start function of the Global.asax.cs file

        protected void Application_Start()
        {
            //most of API providers require TLS 1.2 nowadays
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

@vijjendra
Copy link

I have used ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
in Global.asax.cs on Application_Start() and set targetFramework="4.6" in web.config and it start works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vijjendra @AndreiMaz @rahatur