Menu

TLS security update: How to test support for my API access (custom integration)

As of June 30th, 2018 The Payment Card Industry Security Standards Council is requiring that we upgrade the minimum version of TLS supported by our servers to be 1.2. Further information can be found here.


In order to support this requirement, Thinkific will be updating our servers on May 31st to remove support for TLS 1.0 and 1.1. 


How to test if this will affect you

To facilitate validation of your current support of TLS 1.2 or above we have set up a test server at https://tlstest.thinkific.com.  


Test your browser support

Most browsers have supported TLS 1.2 for several years, but you can test your browser by navigating to https://tlstest.thinkific.com

If you see the message "Your browser is supported!" You are ready to go and no further action is necessary.

If you receive an error message, you will need to update your browser.


Test your API & integration support

If you have integrations that are dependent on our API, it’s important that you verify that any custom code you have written or other libraries that consume our API are compliant with TLS v1.2 and greater.


In order to verify that your custom code will continue to work, you should attempt to access our API through our test server at https://tlstest.thinkific.com from the server where your custom code is executed. We recommend running a simple query for users. Below are examples of how you can accomplish this in Ruby and Javascript (Node).


Upon execution, you will receive a success or failure message.  If you encounter a message that reveals that you do not currently support TLS 1.2, you will need to perform the necessary updates to ensure seamless functionality going forward.


Ruby

require 'rest-client'

API_KEY = 'your API key'
SUBDOMAIN = 'your subdomain'
API_ENDPOINT = 'https://tlstest.thinkific.com/api/public/v1/users'

def testTls
  RestClient::Request.execute(
    method: :get,
    url: API_ENDPOINT,
    verify_ssl: false, # Not recommended for production code!
    headers: {
        'X-Auth-API-Key' => API_KEY,
        'X-Auth-Subdomain' => SUBDOMAIN
    }
  )
end

begin
  testTls()
rescue Errno::ECONNRESET => ex
  puts 'TLS 1.2 is not supported by your client code'
end


Javascript (Node)

const https = require("https")

const API_KEY = 'your API key'
const SUBDOMAIN = 'your subdomain'
const API_ENDPOINT = 'tlstest.thinkific.com'

const testTls = () => {

  const options = {
    hostname: API_ENDPOINT,
    port: 443,
    path: '/api/public/v1/users',
    method: 'GET',
    headers: {
      "X-Auth-API-Key": "API_KEY",
      "X-Auth-Subdomain": SUBDOMAIN
    }
  }

  const req = https.request(options, (res) => {
    res.on("data", (data) => {
      console.log("TLS 1.2 supported, no action required.")
    })
  })

  req.end()

  req.on("error", (err) => {
    if (err.code == "ECONNRESET") {
      console.log("TLS 1.2 not supported! You will need to upgrade")
    } else {
      console.log("Unknown error talking to Thinkific, please try again later.")
    }
  })
}

testTls()



Further Reading

1. https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.