Deprecation of TLS 1.0 and 1.1 on our Delivery API

Scheduled Maintenance Report for Contentful

Completed

The scheduled maintenance has been completed.

Posted May 01, 2017 - 00:00 UTC

In progress

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Posted Apr 30, 2017 - 00:00 UTC

Scheduled

As of April 30th 2017 Contentful's Delivery API will no longer be supporting TLS versions 1.0 and 1.1. TLS 1.2 will be required for using the Delivery API with HTTPS.

Q: Why is this being done?

As with earlier versions of TLS/SSL, security vulnerabilities have rendered these protocol versions unsafe. Our CDN Partner, Fastly, is deprecating support for TLS versions lower than 1.2, following the instructions of the PCI DSS Council. For further information, please refer to https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_Early_TLS_Information%20Supplement_v1.pdf

Q: How does this affect me?

We have already identified and contacted most of our customers using TLS 1.0 and 1.1, and worked with them on migrating. Most modern HTTP client libraries will have no issues using TLS 1.2. If you have not been contacted by us, you should not be affected, but if you are unsure of the effect on your app or site, please contact Contentful Support.

Posted Apr 06, 2017 - 07:52 UTC