cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Community Member

(Action Required) TLS protocol changes

We recently got an email from Canvas support, what steps should I take ?

This is a little confusing:

You can address this behavior in one of two ways:

  • Transition to TLS 1.2 by September 19.
  • Transition your API URL to a legacy endpoint for your institution— (e.g. institution-name.legacyapi.instructure.com instead of institution-name.instructure.com). Legacy endpoints will be supported until 17 July 2021, which will provide additional time to transition to TLS 1.2.

Please help and can I speak to a technical person from Canvas.

Thank you,

Kind regards,

Shredhar Raju

Tags (1)
4 Replies
Highlighted
Surveyor

At the tail end of the email it tells you that you can get a list of IP addresses that are using older TLS from your CSM. This basically is anyone and anything that is accessing Canvas using older TLS, so it could be some crappy piece of software that someone has that uses an old library or something.

If one of those IP addresses is yours, then perhaps one of your systems needs to be updated or reconfigured to use the backup API endpoint.

That's my interpretation.

Highlighted
Surveyor

It could just be a REALLY old browser on an old OS too.

0 Kudos
Highlighted
Community Member

Hi David,

Thanks for your reply, I understand that most modern browsers use the latest TLS version, we not concerned on that front.  

My concern is what we need to do from our end if we have an API configured with Canvas to take required actions for this item:

Transition your API URL to a legacy endpoint for your institution— (e.g. institution-name.legacyapi.instructure.com instead of institution-name.instructure.com). Legacy endpoints will be supported until 17 July 2021, which will provide additional time to transition to TLS 1.2.

Kind regards,

Shredhar Raju

Highlighted
Instructure
Instructure

Hi sraju@newington.nsw.edu.au‌,

Cheers for question. Instructure has recently put together the following FAQ documentation if you are searching for more answers: Customer TLS Protocols FAQ - Google Docs. As David has mentioned, you can also request a copy of affected IPs from your Customer Success Manager.

Cheers

Adam

Labels