Because PCI DSS scans now automatically fail servers which accept either SSLv3 or TLSv1.0, a system I need to exchange data will need to start doing so using either TLSv1.1 or TLSv1.2.
I see that support for both now exist using something like
SSLSocketSocket1.ConnectionType = SSLSocket.TLSv12
Does using this have dependencies on the OS version where the code is running? I have customers using anywhere from Windows 8.x back as far as some who have not moved off XP yet.
Before I try and change and roll something out to users, is support for TLS v1.1 or 1.2 self-contained in the classes or will it fail on older OS versions?
If there are OS minimums, does anyone know what the minimums are for Windows users?
TLS 1.2 is supported with OS X 10.9 and newer.
PS: MBS CURL Plugin has TLS 1.2 and is independent of OS version.
You should try it yourself. As I recall, this is built into the plugin, but a quick test would be better.
One problem with a quick test is I don’t have machines running old OS releases myself anymore. And then it can become service pack dependent etc so the tests are not necessarily conclusive since I don’t know the permutations of OS levels on users machines.
So if I knew the class was not OS reliant I’d have a higher comfort factor before trying to roll out to users.
The app doing the current data exchange is not currently in Xojo, but this could provide the justification to port / rewrite in Xojo. I just didn’t want to go down that road and then find I was OS dependent and users who could not connect.
FWIW, if you want old Microsoft testbeds to use go look at http://dev.modern.ie/tools/vms/
I already have a complete MBS license but wanted an interactive socket. I’ve not used CURL much but when I did was just to transfer files. So I’ll revisit the cURL docs and see how easy it would be to transition to it.
So the MBS CURL plugin would let me use TLS 1.2 from any version of Windows or OSX? (TLS v1.1 would also be good enough but I figured if the support was there anyway I’d just jump to TLS v1.2)
our plugin brings it’s own SSL engine, so we have it all there for all OSes.