TLS 1.2 request to a TLS 1.0 webservice

Hi,

We changed our software so we now use TLS 1.2 in our communication with webservices. Suppose we do a request to a webservice that only accept TLS 1.0. Is that a problem given that we now use TLS 1.2? Or does it work in all the situations the request is at least of the same version as the webservice to be requested?

Regards,

Arne
adiemeerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ashvin AshokTeam Manager - ITCommented:
Yes it will be a problem. In order for the clients to support TLS 1.2 the user should enable the check box in the internet explorer settings from the advanced tab. Please refer to the screen shot for your reference.

Payment-Screen-shot.JPG
Massimiliano LoiSenior System EngineerCommented:
It only depends on your Customer's ability to work with this protocol in their browsers.
I'd suggest to check with them by doing a test before going live.

Max
adiemeerAuthor Commented:
I will further specify my question. The situation is that we have software that is installed on a server. From this server we can do requests to another server where a webservice is hosted. Suppose that this hosted webservice only supports TLS 1.0. Does that give any problems? I asked this for compatibility reasons. We want to be sure that a new version of our software doesn't kill existing connections.
SolarWinds® Network Configuration Manager (NCM)

SolarWinds® Network Configuration Manager brings structure and peace of mind to configuration management. Bulk config deployment, automatic backups, change detection, vulnerability assessments, and config change templates reduce the time needed for repetitive tasks.

Ashvin AshokTeam Manager - ITCommented:
Thank you for rephrasing it.. Yes as you said there will be compatibility issue. I have personally worked on exactly the same scenario and it did not work out. I had to roll back the settings to support TLS 1.0

You can try using a tool IISCrypto in your test environment to understand much better on the same if you need hands on experience
adiemeerAuthor Commented:
Thanks Ashvin. But is it possible to both be able to do TLS 1.0 requests and TLS 1.2 requests? And do you know an online exposed webservice that only accepts TLS 1.0 (for testing purposes)?
Ashvin AshokTeam Manager - ITCommented:
Yes, What you have put through now is possible but both the hosted server and your Crypto server should accept the request for both TLS 1.0 and 1.2

You can test your TLS validation from " https://www.ssllabs.com/ssltest " but not sure about exposed public sites

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
adiemeerAuthor Commented:
Thanks for your assistance
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
tls/ssl

From novice to tech pro — start learning today.