As we’ve upgraded a lot of our servers to openssl 1.0.1e we’ve seen a handful of problems with APIs or payment gateways. The companies whose API is being used say they don’t support openssl 1.0.1e and/or TLSv1.2 is not support and the server will have to use TLSv1.0. There seems to be a lot of confusion about openssl versions, TLS versions, and how they work. This blog post will clear up the confusion and help explain how to deal with APIs that are having problems.
What is TLS?
Transport Layer Security (TLS) is a protocol to allow two computers to communicate securely over the internet using encryption. It is frequently called Secure Sockets Layer (SSL) and the two terms are used interchangeably by lots of people.
What is openssl?
openssl is an implementation of the TLS protocol which is very popular with Linux distros. There are other implementations of the TLS protocol: NSS is used by Firefox and Thunderbird, Secure channel (SChannel) is used by Microsoft. Read more