What is Happening?
TLS 1.0 and TLS 1.1 are no longer supported when accessing the Appflow dashboard or the Live Update service.
Why this is Happening?
TLS (Transport Layer Security) is the protocol which secures HTTPS traffic.
The TLS working group had deprecated TLS 1.0 and 1.1 in June of 2018 after identifying the following vulnerabilities associated with these versions of the protocol.
- TLS 1.0 and 1.1 use MD5 and SHA-1, both weak hashes, in the transcript hash for the Finished message.
- TLS 1.0 and 1.1 use MD5 and SHA-1 in the server signature. (Note: this is not the signature in the certificate.)
- TLS 1.0 and 1.1 only support RC4 and CBC ciphers. RC4 is broken and has since been removed. TLS’s CBC mode construction is flawed and is vulnerable to attacks.
- TLS 1.0’s CBC ciphers additionally construct their initialization vectors incorrectly.
- TLS 1.0 is no longer PCI-DSS compliant.
Because of this, the TLS working group has asked companies to adopt newer protocol versions such as TLS 1.2 and 1.3.
Action Required by End User
The Appflow dashboard will not be accessible from a browser below the minimum supported version specified in the table below.
|Browser||Minimum Supported Version|
Please make sure to access the Appflow Dashboard from a browser that supports TLS 1.2+.
Additionally, any apps that require Appflow's Live Update service cannot be designed for any operating system below the minimum supported version specified in the table below.
|Operating System||Minimum Supported Version|