In the interest of improving the security of client applications and the performance of our systems, we’ll be switching off Transport Layer Security (TLS) versions 1.0 and 1.1 by the end of March. Due to security vulnerabilities of these TLS versions and the fact that they’re no longer considered strong cryptographic protocols, we’ll take the following action to ensure the security of our products.
Starting from 1 April 2023, Muhimbi online products will support only TLS version 1.2 or newer.
From that date, it won’t be possible to connect to Muhimbi services with TLS 1.0 and 1.1.
Affected Muhimbi Products
The following products are affected by the TLS support changes:
PDF Converter REST-Based API for Server Platform (Muhimbi-hosted)
OCR and PDF/A REST-Based API for Server Platform (Muhimbi-hosted)
Self-hosted systems have local security admins that set up security protocols, so Muhimbi on-premises products aren’t affected by this TLS sunsetting.
We advise all our customers to review their TLS settings and switch to the newer version, 1.2. Also, make sure to use browsers that have updated to this version of TLS.
Differences between Earlier TLS Versions and TLS 1.2
The main differences between these two versions of TLS protocols are:
The MD5 and SHA-1 combination in the pseudorandom function (PRF) is replaced with SHA-256, with an option to use cipher suite-specified PRFs.
The MD5 and SHA-1 combination in the digitally signed element is replaced with one hash negotiated during handshake.
Improvement in the client's and server's ability to cite which hash and signature algorithms they can accept.
Support for authenticated encryption is expanded
TLS extensions and AES cipher suites are merged in.
Tighter checking of encrypted pre-master secret version numbers.
If you have any questions, don’t hesitate to contact our Support team.