UPDATE: Emma API no longer supporting TLS 1.0 as of August 15th, 2017

  • 1
  • Announcement
  • Updated 10 months ago
  • (Edited)
UPDATE:  We've decided to extend our TLS 1.0 support and testing ground for the new protocol until August 15th, 2017.  

Hi there Emma users!   Specifically those of you out there using our API... and even more specifically, those of you who are using the TLS 1.0 protocol with our API. 

In order to align with industry best practices for security and data integrity, we are requiring an upgrade to TLS 1.1 or higher by August 15th, 2017.   We will be disabling the TLS 1.0 protocol on that day. If you have not verified that your application is connecting using TLS 1.1+ by that time, your use of the API may break. We recommend using TLS 1.2.  

To avoid service disruption, you will need to ensure that you’re connecting via an updated version of TLS.  

We have set up a testing endpoint for you where we have already disabled TLS 1.0.  This will allow you to make sure you are ready to go for the August 15th transition. 

API Endpoint - https://api.e2ma.net - TLS1.0, TLS1.1 and TLS1.2 are currently available for use. TLS1.0 will be disabled on August 15th 2017

Temporary Testing Endpoint - https://apitmp.e2ma.net - TLS1.1 and TLS1.2 only are enabled. TLS1.0 is disabled. You can use this endpoint to validate that your application is successfully using TLS1.1+.

The API answer from both endpoints will be identical - this is only affecting the connection security layer to the endpoint. The temporary API endpoint will also be disabled August 15th as it will no longer be needed.

Please do let me know if you have any questions on this!  

-- Grey
Photo of Grey Stepp

Grey Stepp, Support Team Manager

  • 1697 Posts
  • 135 Reply Likes

Posted 1 year ago

  • 1
Photo of Rebecca Melancon at AIBA

Rebecca Melancon at AIBA

  • 1 Post
  • 0 Reply Likes
I don't even know what this is, how I use it or how to change it
I don't know either ... would you please explain what this is used for.
Photo of Hotspots Media

Hotspots Media

  • 2 Posts
  • 1 Reply Like
Question? We have an account, we use https://app.e2ma.net/  is this mean our campaigns are going to be suspended? How do we update this. Thank you. 
(Edited)
Photo of Benton Cummings

Benton Cummings, Senior Manager, Customer Support

  • 491 Posts
  • 52 Reply Likes
Hi Hotspots Media - it won't suspend your campaigns! Please check out my addition below for some helpful clarification on this- So sorry for the confusion!
I am also do not understand what this means in regards to how this issue impacts our audience lists and campaigns.  When I click on the links for example the testing endpoint, I receive an HTTP 404 message.
Photo of Sahib Shriners

Sahib Shriners

  • 1 Post
  • 0 Reply Likes
I get "Missing Account ID" on both URLs. Don't really have a clue what TLS 1.0 is or what I have to do next.
Photo of Benton Cummings

Benton Cummings, Senior Manager, Customer Support

  • 491 Posts
  • 52 Reply Likes
Official Response
Hi all- So sorry for the confusion on this! TLS is a security protocol that's used when communicating to and from Emma via our API.

We sent an email out to some of our customers this morning, and we found a mistake in that list so you may have received that email in error. We've sent a follow up to notify users who received the message in error, so if you received that feel free to disregard those emails and ignore this post.

For everyone else, please read on!

The API: So for example, if you're using a custom signup form that was built outside of Emma and those contacts are automatically being added to your Emma audience list when they sign up, you'd be using Emma's API as the communication pathway to let those new sign ups into your account. Think of the API as the gateway that allows communication to happen between Emma and some other outside application, form, or website.

The same would be true if you're using an integration to connect audience lists between Emma and, say, your CRM or customer database. That API key you had to generate in Emma to make the connection? That's our API too!

TLS: TLS is a security protocol used to make sure data communication between software is nice and secure. The security protocols used for data transfers will go through updates just like versions of software. So, TLS 1.0 has been found to be insecure, and we require updating any custom written software integrations to ensure secure communications with Emma. TLS 1.2 is the latest version of this security protocol. This is what would be set up on your end by your IT team or developer to ensure your data transfers are secure.

So what does all of this have to do with me? With all of the above in mind, here is who is applicable to the notification... customers who are:
•Using custom software integrations
•Connecting that custom software to your Emma account via our API
•Using TLS 1.0 as your security protocol.

Some of our customers meet these criteria and are still using TLS 1.0 and we're actually disabling that because it's old and outdated, and we don't want to support outdated security protocols. 

We don't expect everyone to know how to update their TLS version, but it'd be a good idea to check in with your IT team or developers to make sure they update to at least TLS 1.1 (we actually recommend TLS 1.2), not only for good data transfer security, but to make sure your use of our API is still going to work!
(Edited)
Photo of Josh Wallace

Josh Wallace

  • 3 Posts
  • 0 Reply Likes
Host is currently unresponsive: https://apitmp.e2ma.net/ Can you tell me when it will be back up?
Photo of Benton Cummings

Benton Cummings, Senior Manager, Customer Support

  • 491 Posts
  • 52 Reply Likes
Thanks for letting us know. Our systems team is looking into this - I'll update here just as soon as it's resolved!
Photo of Benton Cummings

Benton Cummings, Senior Manager, Customer Support

  • 491 Posts
  • 52 Reply Likes
This is resolved now, so you should be all set moving forward! Thanks again for the heads up, and I hope this helps!
Photo of Grey Stepp

Grey Stepp, Support Team Manager

  • 1697 Posts
  • 135 Reply Likes
Official Response
Hi folks!   I just wanted to drop a line in here to let you know that we've decided to extend this transition time out to August 15th.  

The testing endpoint will remain active until August 15th.  

We'll post back here with any additional updates as we get them.  

Please let me know if you have any questions!

Thanks so much!

-G
Photo of Grey Stepp

Grey Stepp, Support Team Manager

  • 1697 Posts
  • 135 Reply Likes
Official Response
Hi folks!  

A quick update here to let you know that we've officially turned off accessibility for TLS 1.0 as of 8/16/2017.  

Please let me know if you have any additional questions! 

- Grey