TLS 1.0 Deprecation
Incident Report for AppOptics
Resolved
TLSv1 support has been disabled. All public endpoints will require TLSv1.1 or greater.

If you have any questions or need assistance in confirming support for your browsers or clients, contact us at support@appoptics.com.
Posted 25 days ago. Jun 25, 2018 - 19:11 UTC
Update
The TLS configuration has been reverted.

We will be disabling support for TLS 1.0 on June 25th.

The vast majority of HTTPS traffic already comes from clients that support TLS 1.2, but a small percentage of users may be affected by this deprecation. On June 25th we will disable TLS 1.0 support for Librato which may result in your browser or client no longer being able to interact with the website or the API. To avoid that, please make sure you support TLS 1.2. TLS 1.1 is supported but not recommended.

The following minimum browser versions support TLS 1.2:
- Microsoft Internet Explorer 11 
- Microsoft Edge (all) 
- Firefox 27
- 
Chrome 30
- 
Safari 7.0 (OS X 10.9) 
- 
Mobile Safari 5.1 (iOS 5.1)
- 
Opera 17

Any modern collection agents or libraries that uses SSL are all likely to be supported. You can check the TLS version number on an instance by running the following curl statement from the instance in question.
curl --silent "https://www.howsmyssl.com/a/check" | grep -o -e '"tls_version":"[a-zA-Z0-9\ \.]*"'
There will be a 'tls_version' field to look for.

If you have any questions or need assistance in confirming support for your browsers or clients, contact us at support@librato.com.
Posted about 1 month ago. Jun 18, 2018 - 20:07 UTC
Update
The new TLS configuration is now in place.
Posted about 1 month ago. Jun 18, 2018 - 19:15 UTC
Update
We are starting a brown out for TLS 1.0 deprecation for approximately 1 hour starting at 12pm Pacific. If you are receiving high rates of HTTP status 500s during this period, the agents forwarding messages may be using TLS 1.0. We will be completing the deprecation process on June 25th.

If you have any questions or need assistance in confirming support for your browsers or clients, contact us at support@librato.com.
Posted about 1 month ago. Jun 18, 2018 - 18:57 UTC
Monitoring
We will be disabling support for TLS 1.0 on June 25th.

The vast majority of HTTPS traffic already comes from clients that support TLS 1.2, but a small percentage of users may be affected by this deprecation. On June 25th we will disable TLS 1.0 support for AppOptics which may result in your browser or client no longer being able to interact with the website or the API. To avoid that, please make sure you support TLS 1.2. TLS 1.1 is supported but not recommended.

There will be a one hour test on June 18th at 12pm PST.

The following minimum browser versions support TLS 1.2:

Microsoft Internet Explorer 11
Microsoft Edge (all)
Firefox 27
Chrome 30
Safari 7.0 (OS X 10.9)
Mobile Safari 5.1 (iOS 5.1)
Opera 17

Any modern collection agents or libraries that uses SSL are all likely to be supported. You can check the TLS version number on an instance by running the following curl statement from the instance in question.

curl --silent "https://www.howsmyssl.com/a/check" | grep -o -e '"tls_version":"[a-zA-Z0-9\ \.]*"'

There will be a 'tls_version' field to look for.

If you have any questions or need assistance in confirming support for your browsers or clients, contact us at support@appoptics.com.
Posted 2 months ago. May 14, 2018 - 15:44 UTC