Date:    March 5th 2021

To:                   Layer7 API Gateway Customers

From:               Layer7 APIM Team

Subject:           Deprecation announcement for Layer7 API Gateway - TLS 1.0 and TLS 1.1 Functionality

CA Technologies, a Broadcom Company, is continually working to improve our software and services to best meet the needs of our customers. In accordance with our  Broadcom Maintenance Policy Handbook , please consider this email your written notification that we are deprecating the following product features per the following schedule.

• Layer7 API Gateway 10.0 CR3 - TLS 1.0 and TLS 1.1 effective March 5th 2021

OpenJDK has recently notified everyone that the support for TLS 1.0 and TLS 1.1 will be disabled by default in Java 1.8_292 and Java 11.0.11. As TLS 1.0 and TLS 1.1 are less secure as compared to TLS 1.2 and TLS 1.3, we have decided to deprecate these protocols from API Gateway 10.0 CR3 as well. API Gateway 10.0 will be the last version to support TLS 1.0 and TLS 1.1. These protocols will not be supported on future versions of API Gateway.

At this time, customers are requested to start moving their APIs to communicate over TLS 1.2 and TLS 1.3. Customers willing to use TLS 1.0 and TLS 1.1 will need to change java.security file to support mentioned protocols as mentioned in this article. Customers are requested to go through release notes for all details about deprecation and further steps.

For additional information on Layer7 API Gateway, please visit the Layer7 product pages at Broadcom Support Online.

Regards,

Layer7 APIM Team 

Copyright © 2021 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. Broadcom, the pulse logo, Connecting everything, CA Technologies and the CA technologies logo are among the trademarks of Broadcom. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.