Action Required: Upgrade to TLS 1.2 or later

sveeramani · February 22, 2021, 12:27pm

Still we don’t have enough information on the TLS VERSION affected application or API. It’s not possible for us to migrate to TLS 1.2 before March 21. So we would need our tenants an exception at least for 3 more months as we need to coordinate with our multiple internal teams and update the application & test in DEV/UAT.
Once everything looks good then need to promote the changes to PROD.

This TLS upgrade from Auth0 side is not having enough information what we are looking for. This is a pain point from my side.

mbalcarek · February 25, 2021, 11:48pm

Is there a way to test our changes? We have a complex SharePoint On-Premise setup, using Auth0’s SharePoint Integration and want some level of confidence that our customers will not be locked out March 22. thank you.

konrad.sopala · February 26, 2021, 10:31am

You should receive an email with all the necessary engineering information shortly.

sveeramani · February 26, 2021, 1:09pm

Hi Konrad,
I started seeing the deprecation notices in the tenant logs with query filter - type:“depnote” for TLS legacy usage

konrad.sopala · February 26, 2021, 1:15pm

As far as I’ve been told. It’s gonna be an email.

sveeramani · March 3, 2021, 4:53pm

Still we don’t get any email from Auth0.

Kindly let me know if there is any possibility for depreciation extension or postponement as we have multiple applications, we need to make changes and test those in pre-prod so that we wont have any impact on PROD.

DEFINITELY WE NEED EXTENSION FOR THIS MIGRATION

andrei.ogleznev · March 4, 2021, 12:59pm

+1
the postponement would be highly appreciated

zaid · March 10, 2021, 6:08am

Hi,

I have been receiving emails from Auth0 about upgrading TLS. In the email, I get a notice saying that log analysis shows that some of my clients are using TLS 1.0 or TLS 1.1 to connect. The email also says that I can check this by querying Auth0 logs.

However, when I query Auth0 logs with the following query: type: "deprecation notice", as suggested here, I see nothing.

So, how do I check which of my clients are connecting to my tenant with TLS 1.0 or 1.1?

konrad.sopala · March 10, 2021, 11:45am

Hey there Zaid!

When did you receive the last mail from Auth0 regarding this?

jneireiter · March 10, 2021, 5:04pm

I’m having the same issue. The email to me from last night states “An internal traffic analysis indicates that your tenants are still receiving connections with TLS 1.0 or 1.1.” However, upon going to the logs and selecting “Deprecation Notice” from the filter drop down, it returns that no logs match my search. How do we know which client(s) are using outdated TLS connections? Thanks!

konrad.sopala · March 11, 2021, 9:02am

Hey there!

Let me bring that back to the appropriate team!

ryan.cahill_auth0 · March 15, 2021, 9:03pm

Hey @konrad.sopala, my team is also looking for the same answers related to jneireiter’s question. Please let us know when you have an update

andrei.ogleznev · March 16, 2021, 8:01am

Why does the Auth0 team treat users so disdainfully? how long have we been waiting for the promised email with technical details from the team? how much time do we have until March 22 to make changes and test it? this is becoming simply outrageous!

konrad.sopala · March 16, 2021, 3:31pm

Hey there @jneireiter!

Got back to the team with your concern, as soon as I get it addressed I’ll make sure to share it with you! Sorry for the inconvenience!

konrad.sopala · March 16, 2021, 4:09pm

It could be that you received it during our filtering period but aren’t anymore - our notifications were based off of a snapshot of traffic at a given point in time.

system · March 31, 2021, 4:09pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.