Skip to the content

Upgrading from insecure TLS

We will soon be enforcing the use of TLS 1.2 for calls to our API services. If you are currently making API calls using TLS 1.0 or 1.1 you will need to update your systems in order to continue using the services.

To make this as painless as possible we've outlined some common ways your application might be making API calls below and how you can update your app to use TLS 1.2.

Sage 50 Accounts

If you're using our plugin for Sage 50 Accounts, simply download and install the latest version.

Integr8 Postcode Lookup

If you're using our popup application to add postcode lookup into desktop apps such as Outlook, simply download and install the latest version.

.NET Applications

Older versions of .NET Framework applications would only use SSL 3.0 or TLS 1.0 by default. As of .NET Framework 4.7 it will use the operating system's default TLS algorithm selection, which will normally allow the use of TLS 1.2. Therefore the simplest way to update your .NET application is to recompile it against .NET Framework 4.7 with no further changes.

If this is not feasible, please review the additional options listed in the Microsoft best practises documentation.

PHP using CURL

If you are using the PHP curl_exec and related methods to call our API, you can set the maximum/minimum TLS version to use in the request using curl_setopt:

curl_setopt($curl, CURLOPT_SSLVERSION, CURL_SSSLVERSION_TLSv1_2);

A full integration example of the International Telephone Validation service could look like:

// Use curl to make request to Data8 API. 
// Initialize curl object 
$curl = curl_init("https://webservices.data-8.co.uk/InternationalTelephoneValidation/IsValid.json?key=your-api-key-here"); 

$params['telephoneNumber'] = "07111111111"; 
$params['defaultCountry'] = "44"; 
$options['UseMobileValidation'] = false; 
$options['UseLineValidation'] = false; 
$params['options'] = $options; 

$data_string = json_encode($params); 

// Set curl options 
curl_setopt($curl, CURLOPT_POSTFIELDS, $data_string); 
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json')); 
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); 

// Execute curl and return response 
$response = curl_exec($curl); 

if (curl_error($curl)) { 
  $error_msg = curl_error($curl); 
} 

// Close request 
curl_close($curl); 

if (isset($error_msg)) { 
  return $error_msg; 
} 
else 
{ 
  $result = json_decode($response, true); 
  if ($result['Status']['Success'] && ($result['Result']['ValidationResult'] == 'Invalid' || $result['Result']['ValidationResult'] == 'Blank')){ 
    echo 'Invalid telephone number'; 
  } 
  else{ 
    echo 'Valid telephone number'; 
  } 
} 

PHP using SoapClient

If you are using SoapClient to make your API requests, you can specify the minimum version of TLS to use through the stream_context property that can be passed to the SoapClient using:

$parameters = array( 
  'trace' => true, 
  'exceptions' => true, 
  'cache_wsdl' => WSDL_CACHE_NONE, 
  'stream_context' => stream_context_create(array( 
    'ssl' => array( 
      'crypto_method' =>  STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT 
    ), 
  )), 
  'connection_timeout' => 15 
); 

$client = new SoapClient("https://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?WSDL", $parameters); 

A full integration example of the International Telephone Validation service could look like:

$options = array( 
  "Option" => array( 
    array( 
      "Name" => "UseMobileValidation", 
      "Value" => "false" 
    ), 
    array( 
      "Name" => "UseLineValidation", 
      "Value" => "false" 
    ) 
  ) 
); 

$params = array( 
  'username' => "apikey-your-api-key-here", 
  'password' => null, 
  'telephoneNumber' => "07111111111", 
  'defaultCountry' => "44", 
  'options' => $options 
); 

$parameters = array( 
  'trace' => true, 
  'exceptions' => true, 
  'cache_wsdl' => WSDL_CACHE_NONE, 
  'stream_context' => stream_context_create(array( 
    'ssl' => array( 
      'crypto_method' =>  STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT 
    ), 
  )), 
  'connection_timeout' => 15 
); 

$client = new SoapClient("https://webservices.data-8.co.uk/InternationalTelephoneValidation.asmx?WSDL", $parameters); 
$response = $client->IsValid($params); 

$result = $response->IsValidResult; 

if ($result->Status->Success && ($result->Result->ValidationResult == 'Invalid' || $result->Result->ValidationResult == 'Blank')) { 
  echo 'Invalid telephone number'; 
} 
else { 
  echo 'Valid telephone number'; 
}

If you have any problems updating your integration to use TLS 1.2, please contact us at helpdesk@data-8.co.uk for assistance and include an example of how you are making your API requests for us to reproduce your issue.

About the author

Mark Carrington

Mark Carrington

Mark Carrington is the Chief Technologist at data8 and lives and breathes everything to do with data and Dynamics

Start a Free 14 Day Trial Today

Register below to start a free trial of our services