TLS and Server OS Compatibility

TLS versions for inbound and outbound connections

Flowgear currently only permits inbound connections using TLS 1.2. This means that if you are attempting to connect from a computer that does not support TLS 1.2, you will be unable to reach our API's. Note that an inbound connection includes a DropPoint, a user working in the Console (and therefore calling our public API's) as well as endpoints published under your subscription under our Enterprise API feature.

At present, outbound connections from the platform continue to support old versions of TLS 1.0 and 1.1 but we strongly recommend ensuring that the endpoints you integrate support TLS 1.2 as we will be deprecating support for this in due course.

Old DropPoint Versions

• v4-Series DropPoints are not able to negotiate a TLS 1.2 connection and must be upgraded
• v4, v5 and v2021 -Series DropPoints will not work on Server 2008 R2 or earlier and will need to be upgraded to the latest release (currently v2021.09.20.2).

Old Windows Server Versions

Windows Server 2003 has never supported TLS 1.2 and it will therefore not be possible to use a DropPoint on that OS version. It will also not be possible to make calls to the Flowgear API from third party application code from Server 2003.

Windows Server 2008 has had support for TLS 1.2 since 2017 via an update. Refer to https://www.microsoft.com/security/blog/2017/07/20/tls-1-2-support-added-to-windows-server-2008/ for further information and note that even after installing the referenced update, it will be necessary to explicitly enable TLS 1.2 by making the registry change referenced in that article.

.NET Framework compatibility

If you are using a .NET application to make calls to Flowgear via API, you may need to make a configuration change if you are targeting .NET Framework 4.6 or lower. In that version, TLS 1.2 is not enabled by default.

To enable it, add the following code to the startup of your app:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

For further information, refer to these articles:

• https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls
• https://stackoverflow.com/questions/28286086/default-securityprotocol-in-net-4-5