Welcome to Vortx Community Forum, where you can ask questions and receive answers from the staff at Vortx and other members of the community.

If you had a user account on our previous forums website, you will need to register a new account here.

Learn more about...

AspDotNetStorefront
DotFeed

Does Multistore 9.2.0.0 and AspDotNetStorefront ML 8.0.1.2 Support TLS 1.1?

Does Multistore 9.2.0.0 and AspDotNetStorefront ML 8.0.1.2 Support TLS 1.1?

We're running on 2.0 Net Framework for ML and 3.5 .Net Framework for MultiStore with TLS 1.0

Can we just upgrade to use TLS 1.1 with no modifications in ML and Multistore?
asked Mar 21, 2016 in ML by MarkMohan (195 points)

3 Answers

0 votes
TLS 1.1 and TLS 1.2 support was added to .net 4.5 at the same time so you would still be better off upgrading.
answered Mar 21, 2016 by mmcgeachy (5,045 points)
+1 vote

As mmcgeachy is suggesting, there are two parts to the answer to get the complete picture.  One part is about the storefront platform itself (AspDotNetStorefront) and the second is in reguard to your hosting provider.

AspDotNetStorefront

First, for the Storefront Itself neither, version 8.0.1,2 nor 9.2 of AspDotNetStorefront will support TLS 1.1 or TLS 1.2 as they are written on .NET library versions 2.0 and 3.5.  Only AspDotNetStorefront versions 9.5 and 10 support TLS 1.1 and TLS 1.2.  So, you will need to upgrade from your current version to get support for the more secure TLS protocol.

Web Hosting Provider

The second part is about your host provider's server.  Does it support TLS 1.1 and TLS 1.2?  You can ask them, or you can run a simple test by making a quick change to a setting in your browser.  Follow the instructions in this link to learn how to setup IE, Chrome, and FireFox Then, go to your website and go into the shopping cart or any other secure page.  If the page comes up, the host server supports TLS 1.2.

In Chrome, You can also click on the 'lock' in the broswer URL bar and review the connection details.  It will tell you if the session is using TLS and which version.

answered Mar 25, 2016 by equatek (130 points)
edited Mar 25, 2016 by equatek
+2 votes

So, I'm not sure about other versions but we are running version 9.3.1.0 and were kind of being strong armed to upgrade at a steep price, so I made some modifications and tested against PayPal's Sandbox which only supports TLS 1.2 now and everything worked.  Below are the steps I took.  You will need source code for this to work.

 

1. Set the framework in the web.config to target 4.0 or in VS, change your web project to target 4.0.

2. In AppLogic, find the Custom_ApplicationStart_Logic method and add the following code, then rebuild:

System.Net.ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

3. Edit the safari.browser file in the App_Browsers folder of your website and change safari1plus to WebKit.

 

I'm pretty sure those were the only changes I made.... :)

answered Jun 15, 2016 by Reddev (170 points)
Just curious why change the .net version to 4.0 istead of 4.5?
Yep, that should do the trick. We just did the same - except we used 4.5 - to support upcoming TLS requirements for our SalesForce integration.
Did you retarget the .net version for all projects in the solution or just the "web" site?
Sorry for the late reply, just the web site.
...