New TLS Protocols for GroupBy: What You Need to Know
Amanda Allen
In order to provide the most secure services, GroupBy will soon only support the latest Transport Layer Security (TLS) security protocol, TLS 1.2, while removing support for versions 1.0 and 1.1 effective September 21, 2018. All GroupBy customers will need to upgrade their API-based integrations to exclusively support TLS 1.2 to avoid interruptions in functionality.

Reasons for the Transition

We are implementing this change in order to continue providing the most secure services to our customers in alignment with industry standards, placing security at the forefront. Originally developed as Secure Sockets Layer (SSL) protection in the 1990s, TLS protocols provide security when transmitting data over a network. Introduced in 2008, TLS 1.2 is the most recent version and addresses a number of security vulnerabilities that have been identified in TLS 1.0 and TLS 1.1.

What’s Changing

After September 21, 2018, the GroupBy Platform will no longer accept inbound connections from customers using TLS 1.0 and TLS 1.1. While this affects API based integrations it is also important to note that this change will affect how your users using older browsers are impacted for any direct connections to GroupBy's platform. The following web browsers and versions support TLS 1.2 by default:
  • Apple Safari (desktop) – version 7 (or later)
  • Apple Safari (mobile) – iOS 5 (or later)
  • Google Chrome – version 30 (or later)
  • Microsoft Internet Explorer – version 11 (or later)
  • Mozilla Firefox – version 27 (or later)

Not Sure If You Need to Upgrade?

API testing can be done using https://tls.groupbycloud.com, which allows a connection into a test area that returns a dummy record.  If your connection is successful here, no further changes are required. Testing against the endpoint https://tls.groupbycloud.com/api/v1/search and the expected result for a successful call would be: {"id":"12341234-1234-1234-1234-123412341234","area":"Production","records":[{"collection":"Sample","allMeta":{"title":"Cool sample"},"_id":"12345678901234567890123456789012","_u":"http://groupbyinc.com/00001","_t":"Cool sample"}],"totalRecordCount":1,"template":{"name":"default","zones":{}},"pageInfo":{"recordStart":1,"recordEnd":1},"matchStrategy":{"rules":[{"termsGreaterThan":2,"mustMatch":80,"percentage":true}]},"availableNavigation":[{"name":"ranking","displayName":"Product Ranking","type":"Value","moreRefinements":true,"refinements":[{"type":"Value","count":1,"value":"100"}],"metadata":[{"key":"hidden","value":"true"}],"range":false,"or":false}]} A failed test would result in the following error: curl: (35) gnutls_handshake() failed: Error in protocol version We will provide two smoke tests where we will shut off TLS 1.0 and 1.1 for 30 minutes, one on September 11th, 2018 and a second on September 18th, 2018.  You will see a disruption in service if you have not upgraded. If you have any questions related to this transition, please contact our support for additional information.