TLS 1.0 and TLS 1.1 Deprecation by 9/29/21
TLS 1.1 and TLS 1.0 is Now Deprecated
TLS 1.0 and 1.1 was deprecated on 9/29/21 at 10 AM PST. If your integration started receiving errors starting around this time, refer to the guidance below on how to troubleshoot and upgrade to TLS 1.2 or above.
If additional assistance is needed, reach out to Samsara Support.
Who should I be talking to in order to upgrade?
Your IT team or technical team would be needed in order to make the upgrade. If you are not on the technical team, please forward this along to those responsible for maintaining your technical infrastructure.
In some cases, this may be a 3rd party software vendor who is providing an integration with Samsara for you (e.g. McLeod, Prophesy Dispatch, J.J. Keller). In these scenarios it is best to reach out to your contact at those organizations and express urgency for assistance.
What is TLS 1.2?
TLS is the security protocol that secures your data when you send it over the network. TLS 1.0 and 1.1 are older, vulnerable versions and have been deemed insecure by the NSA, banking institutions, major enterprises, and all web browsers.
What do I need to do before 9/29/21?
- Option 1 (Recommended): Make sure you are sending API requests to Samsara using TLS 1.2. This is typically just changing a few lines of code.
- You can test the TLS 1.2 support of your servers by running
curl -I https://tls-v1-2.badssl.com:1012and checking that no error occurs. - You also test by making API calls to the
https://api.playground.samsaradev.io/base URL, instead ofhttps://api.samsara.com. This base URL only allows API traffic on TLS 1.2, so if calling it returns an error, this means you haven't successfully adopted TLS 1.2. Keep in mind that this base URL is not to be used for production use cases, it is only for testing purposes
- You can test the TLS 1.2 support of your servers by running
- Option 2: Change your API calls to have the https://api-deprecated.samsara.com/ base URL instead of https://api.samsara.com/ if you find Option 1 harder to accomplish in the short-term
- API traffic sent using https://api-deprecated.samsara.com/ will still accommodate TLS 1.0 and TLS 1.1.
- We plan to remove support for https://api-deprecated.samsara.com/ on 11/9/21. After 11/9/21, you will need to switch back to using https://api.samsara.com/, which will only allow traffic sent using TLS 1.2
How do I find out what servers are making calls with older TLS versions?
If you need insight into which servers require an update, and your CSM has not already provided this to you, please contact support via https://www.samsara.com/help.
Support will be able to provide which IP addresses are impacted, and which API requests are coming from those IP addresses to help narrow in on where you need to make the change
Do I need to upgrade my API Token to the newest API version?
TLS 1.0 and 1.1 deprecation does NOT have anything to do with upgrading your tokens API version from the API Tokens page in the Samsara dashboard. While it is recommended to keep your API version updated to the latest, this is a separate set of work.
Specifically, TLS deprecation has to do with upgrading the servers that make calls to the impacted API tokens to send API traffic over TLS 1.2