Layer7 API Gateway - TLS 1.0 and TLS 1.1 Deprecation
17573
05 March 2021
05 March 2021
Date: March 5th 2021
To: Layer7 API Gateway Customers
From: Layer7 APIM Team
Subject: Deprecation announcement for Layer7 API Gateway - TLS 1.0 and TLS 1.1 Functionality
CA Technologies, a Broadcom Company, is continually working to improve our software and services to best meet the needs of our customers. In accordance with our Broadcom Maintenance Policy Handbook , please consider this email your written notification that we are deprecating the following product features per the following schedule.
- Layer7 API Gateway 10.0 CR3 - TLS 1.0 and TLS 1.1 effective March 5th 2021
OpenJDK has recently notified everyone that the support for TLS 1.0 and TLS 1.1 will be disabled by default in Java 1.8_292 and Java 11.0.11. As TLS 1.0 and TLS 1.1 are less secure as compared to TLS 1.2 and TLS 1.3, we have decided to deprecate these protocols from API Gateway 10.0 CR3 as well. API Gateway 10.0 will be the last version to support TLS 1.0 and TLS 1.1. These protocols will not be supported on future versions of API Gateway.
At this time, customers are requested to start moving their APIs to communicate over TLS 1.2 and TLS 1.3. Customers willing to use TLS 1.0 and TLS 1.1 will need to change java.security file to support mentioned protocols as mentioned in this article. Customers are requested to go through release notes for all details about deprecation and further steps.
For additional information on Layer7 API Gateway, please visit the Layer7 product pages at Broadcom Support Online.
Regards,
Layer7 APIM Team
Copyright © 2021 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. Broadcom, the pulse logo, Connecting everything, CA Technologies and the CA technologies logo are among the trademarks of Broadcom. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.