Forcing TLS 1.2 to Communicate with Remote API

I just received this notification from MailChimp.

We strongly encourage any developers who are using the MailChimp API to ensure that their software supports negotiating TLS 1.2 connections, and to coordinate with their system administrators to update software to take advantage of newer TLS versions. In addition, we recommend proactively switching over to TLS 1.2 when communicating with MailChimp’s API by modifying your API client software to enforce TLS 1.2 negotiation.

I have written some code in PHP that makes an API call to MailChimp. I'm not sure how to tell or know if I am using TLS 1.2 to communicate with their API.

How does one make sure you are or find out what protocol you are using?
Paul KonstanskiProject SpecialistAsked:
Who is Participating?
Normally if you have a high enough version of PHP like Dave said, and you're connecting to a server that supports TLS 1.2, it should automatically choose the best protocol available on both sides (which would be TLS 1.2 as of right now).

However, if you want to FORCE your code to use TLS 1.2 and to fail if it's not available (or if you're dealing with a server that has some abnormal SSL settings), then within your code, set the curl option CURLOPT_SSLVERSION to CURL_SSLVERSION_TLSv1_2. That's it.
Dave BaldwinFixer of ProblemsCommented:
If you are using PHP cURL, you need to be using PHP 5.6 or newer to have the correct TLS versions available.
Paul KonstanskiProject SpecialistAuthor Commented:
I am using PHP 7.0 so I should be fine on that front.

So is it a setting that needs to be set? (e.g. in the php.ini or something).
Or what is it that I need to do to insure that I am using a specific TLS version?

Dave BaldwinFixer of ProblemsCommented:
This page shows the curl options.
Paul KonstanskiProject SpecialistAuthor Commented:
Thanks for the excellent advice. I have two servers that access MailChimp. One is running PhP 5.4, the other is running 7.0. Mailchimp is probably seeing the one running 5.4 and giving me that warning in light of that. I will be phasing out that server in the next two weeks so that should take care of it.

Thanks again. You guys are great with your advice. Keeps me coming back to Experts Exchange.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.