Welcome to our Support Center

Please note that in order to improve the efficiency and effectiveness of our support team, we are no longer offering technical support by telephone. As always, you can contact us by e-mail or via the Support Portal for assistance, and your customers can e-mail or call our dedicated Customer Support team 24 hours a day for questions about orders or declined transactions.

Account Management
Advanced Sales Options
Affiliates and SplitPay
Business Intelligence Reporting
Currency and Pricing
Custom Layouts
Downloads
Downloads and Reinstalls
Fax and Phone Orders
Frequently Asked Questions
Glossary
Order Management
Payment and Accounting
Purchaser Questions
References
Refunds, Returns and Voids
Reports
Sales and Marketing
Sales Tax and VAT
SDK
Serial Numbers - Product Activation
Shipping and Fulfillment
SKU Management
Subscriptions
TLS Changes

TLS Changes

Ending support for TLS 1.0


As you may know, in order to protect our clients and customers, we maintain a PCI compliance level 1 rating. This ensures that we are maintaining the highest standards of security for all critical data such as payment information. Recently, the PCI Security Standards Council determined that it was necessary to shut off all versions of SSL protocol as well as TLS 1.0. In order to protect our clients and customers, we are required to have shut off TLS 1.0 prior to November 1, 2016. This maintenance has already been performed on multiple Digital River platforms, and we will be doing the same maintenance to the eSellerate platform. Multiple non-DR sites have already shut off SSL and TLS 1.0.
 
For the majority of our clients, the transition will be seamless, with web store traffic being mainly unaffected as most modern browsers support the use of TLS 1.1 and TLS 1.2 protocols. Any traffic that is generated by the end customer’s computer should continue working without issue as long as the customer has updated browser capabilities.
 
Some users of our advanced services (examples listed below) may need to ensure that their code and environment supports making calls out to our servers using TLS 1.1 or TLS 1.2. We strongly recommended ensuring that you support TLS 1.2, as TLS 1.1 is required to be shut off by 2018. Any service utilized by our clients that involve calling to an eSellerate endpoint could potentially be affected, dependent upon the client’s solution.
 
Many clients will be unaffected by this change, as newer framework versions inherently support calls via TLS 1.2, such as .Net version 4.5 and higher. Older code bases and environments may need to be upgraded in order to support the transition to TLS 1.1 or higher. Additional information for your particular solution can be found in various blogs and articles published on the Internet.
 
Advanced services potentially affected:
  • Activation (does not include manual activation)
  • EWS purchases (dependent on customer’s browser capabilities)
  • Integrated eSellers (further investigation in process)
  • Order lookup service
  • Subscription service (this is a utility web service. Purchase and renewal of subscriptions will not be affected)
  • Cancel subscription service
  • Any calls to web services or pages on the esellerate.net or reg.net domains that are performed via code.
 
For more information, we have located the following articles:

Blog with information on the PCI change - https://blog.varonis.com/ssl-and-tls-1-0-no-longer-acceptable-for-pci-compliance/

SSL Labs site to test for SSL capabilities - https://www.ssllabs.com/

SSL Labs documentation with information on SSL/TLS best practices and other helpful information - https://www.ssllabs.com/projects/documentation/

PCI security standards documention on migration - https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_Early_TLS_Information%20Supplement_v1.pdf

 
XML Order Notice