
Stripe won't work with lower than TLS 1.2, starting tomorrow - danschumann
https://support.stripe.com/questions/how-do-i-upgrade-my-stripe-integration-from-tls-1-0-to-tls-1-2
======
patio11
(I work at Stripe.)

You might wonder "Hmm, is my Stripe integration affected?" (I sure did!) and
the answer is "Almost certainly not." (We've been watching the number of users
with outdated versions of TLS on a dashboard for the last several months and
actively working on getting people migrated.)

If your integration was affected, it is likely you've gotten a few emails from
us and also a notification in your Stripe dashboard. If you don't see a
prominent banner when you log in (with additional detail in your Developer tab
of the dashboard), you're probably good.

If you have any questions, email support@stripe.com ; we're happy to help.

~~~
drchiu
Nice to hear Stripe being proactive before what is essentially functionality
breaking changes. Kudos to you guys for having a page with instructions on
testing it ourselves on production servers with small snippets of pre-written
code.

~~~
patio11
Thanks! We know that the infrastructure we build sits in really important
parts of our customers' businesses and do our best to avoid both breaking
changes and, especially, surprise breaking changes.

(A related topic: we go to fairly substantial efforts to support outdated API
versions while still letting us build new features. Amber Feng had a great
presentation on it back in the day:
[https://www.heavybit.com/library/video/move-fast-dont-
break-...](https://www.heavybit.com/library/video/move-fast-dont-break-api/) )

If working on these sort of problems at scale sounds interesting or if you
like the idea of working on a team which really sweats the downstream impact
of engineering changes, we're hiring and always happy to chat.

------
snikch
I feel like this is an incorrect, inflammatory title. New integrations will
cease to work with TLS < 1.2. Existing integrations are fine.

~~~
jetru
This is a requirement for PCI. So I'm sure all integrations will cease to work
with older TLS.

~~~
fybe
Not necessarily as PCI requires a minimum of TLS 1.1 with 1.2 being the
recommended. [0]

[0][https://blog.pcisecuritystandards.org/are-you-ready-
for-30-j...](https://blog.pcisecuritystandards.org/are-you-ready-
for-30-june-2018-sayin-goodbye-to-ssl-early-tls)

