Adobe Connect Hosted: End of Life for TLS 1.1
It’s very important that you ensure all users client systems are TLS 1.2 compliant. The Adobe Connect Operations team has ended support for TLS 1.0 and TLS 1.1 is following shortly by end of month April 2020; client systems that are not TLS 1.2 compliant will lose access to Adobe Connect hosted services.
End of Life for TLS 1.1
What is TLS?
Transport Layer Security (TLS) is the most widely deployed security protocol used today for Web browsers and other applications that require data to be securely exchanged over a network.
You passively use it whenever you open a browser.
How does this effect you?
Because Adobe Connect is a web-based service, you engage with it through secured network connections. Those connections are secured by TLS.
As new browsers and operating systems are released, new security standards are added. However older release versions of a browser or OS will not be updated to include the newer standards.
As the acceptable level of security rises, these older, less secure applications must be left behind. That means you have to update your OS and browser versions so that secure sites can safely allow you to connect to them.
What is the impact?
Adobe has security compliance standards that require the end of life of older protocols and is mandating the use of TLS 1.2 in order to have the most up-to-date and secure version in use.
As a result, if your system is not TLS 1.2 compliant, your system will not be allowed to make a connection to the Adobe Connect hosted service.
What action is required?
You must move to TLS 1.2 or you will lose access to Adobe Connect hosted services.
For clients running web browsers: use a supported browser. For a list of Adobe Connect supported browsers, read the Adobe Connect System Requirements.
Operating system support for TLS 1.2 requires:
- Windows server: use Windows Server 2008 R2 or later
- Windows desktop: use Windows 8 or later
- NOTE: Windows 7 requires the proper patching and configuration to support TLS 1.2, see Microsoft support for details
- OS X: use OS X 10.8 or later
Application framework support for TLS 1.2:
- For Java: use Java 8 or later. Java 7 may be used but requires TLSv1.2 to be explicitly enabled by the application
- For .NET: use .NET 4.6 or later. .NET 4.5 may be used but requires TLSv1.2 to be explicitly enabled by the application. .NET depends on TLS 1.2 support by Windows (see above)
- For applications using OpenSSL: use OpenSSL 1.01 or later
What is TLS? (a deeper dive)
Transport Layer Security (TLS) is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for Web browsers and other applications that require data to be securely exchanged over a network.
According to the protocol specification, TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The Record Protocol provides connection security, while the Handshake Protocol allows the server and client to authenticate each other and to negotiate encryption algorithms and cryptographic keys before any data is exchanged.
Why has Adobe Connect ended the use of TLS 1.0 and TLS 1.1?
Adobe takes security seriously and as part of our ongoing security compliance we are required to EOL older protocols. One of these is compliance with the Payment Card Industry (PCI). PCI DSS is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
What is the last date that I can use an older version of TLS with Adobe Connect?
TLS 1.0 is not supported; TLS 1.1 will be shut off by end of month April 2020. Adobe would like to encourage all users to abandon the older versions as quickly as possible to avoid further exposure to vulnerabilities.
For more information please feel free to contact Adobe Connect support.
What if I invite a participant to my meeting who has not made the TLS changes?
Adobe Connect participants join through the same SSL protocols as meeting hosts. Any participant or presenter or host that attempts to enter Adobe Connect will experience the browser error conditions mentioned below.
What error message will I see if I am using a browser that is not configured for TLS 1.2?
This depends on the browser that you are using. All of the browsers in the minimum system requirements list for Adobe Connect are configured to use TLS 1.2. If you are not on one of these browsers you should update your browser. You can find a list of the browsers supported by Adobe Connect here: Adobe Connect System Requirements
Error messages generated by the SSL communications layer are not controlled by Adobe Connect. They are generated by the browser prior to connecting.. Here are some examples of errors that may be encountered:
IE 8 on Windows 7: