To improve the security of the HTTPS connections made to apps in Mendix Cloud v4 we enabled TLSv1.3 in February this year. Since then more than 50% of the requests to Cloud v4 apps have been served over TLSv1.3.
To further improve the security of the HTTPS connections to apps in Mendix Cloud v4 we are deprecating and stopping support for block ciphers. Block ciphers are considered weak.On December 1st, 2020
, we will stop technical support for TLSv1.2 Block ciphers (CBC)
for HTTPS connections to apps in Mendix Cloud v4
.What this means for your Mendix apps
Stopping support for TLSv1.2 Block ciphers (CBC) means that old clients will not be able to connect to your Mendix app anymore.
Some examples of clients which will no longer be supported are:
- Java 7 (Mendix 5)
- Internet Explorer version 11 on Windows 7
- Internet Explorer version 11 on Windows 8.1
- Safari before version 9 on OS X 10.11
- Safari before version 9 on iOS 9Test your clients
You can test whether your client (browser or integrating client) will be able to connect to your app after December 1st, 2020, by going to https://tls-check.mendix.com/Important note
Customers who are going to be directly impacted by this activity are going to receive separate email communications (sent only to the Technical Contacts) with extensive reports to take corrective actions.
More information with technical details about this change: https://docs.mendix.com/releasenotes/developer-portal/deployment#september-14th-2020
Sep 11, 12:04 CEST