问题
I tried opening a ticket with Docusign Support, but they sent me this way instead. I'm hoping someone will be able to assist with this.
Starting on Nov. 16th at about 12:30 Central, we started getting errors in our application logs in our non-production environment. Upon investigation, it appears that https://demo.docusign.net/restapi started responding to TLSv1 queries with the following:
{
"errorCode": "TLS_INVALID_VERSION",
"message": "TLS Version is invalid, please update to TLS1.2 TLSv1.2 is
required. Currently using TLSv1"
}
This came as a surprise to us considering that Docusign was supposed to disable TLSv1 in their non-production environment many months ago. Back then, we tested our application against the above URL (after the supposed switchover) and everything was working with our application, so we assumed that production would continue to work when that was supposed to switch over. And it did.
The issue is that it turns out that Docusign seems to have not disabled TLSv1 when they said they were supposed to, which invalidated any testing we did previously. And now, we're at risk of our production environment failing at some unknown point in the future.
So, does anyone know when Docusign will be switching over the production environment so that TLSv1 is disabled? We're investigating the option to update the libraries in the app so they support at least TLS 1.1, but that may take some time and this is a critical issue for us.
Hugh
p.s. On a side note, the site says that TLS v1.2 is required, but it still responds to TLS v1.1.
回答1:
Note the publicly announced date for TLS 1.0 deprecation is 6/25/2018. However we had a grace period. Now the hard block dates are coming up. The hard block date in PROD is set at 1/31/2019. In Demo its 11/16, as you noticed.
回答2:
Add this line before calling REST API
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; It will works fine.
回答3:
I work for DocuSign.
As of this writing, DocuSign has no current plans to stop supporting TLS 1.1. We already support TLS 1.2 and encourage you to upgrade to it rather than TLS 1.1. But TLS 1.1 is fine if that is all your stack currently supports.
来源:https://stackoverflow.com/questions/53487042/tls-version-on-rest-api-url