Qualys will require all connections to our Cloud Platform to use TLS 1.1 or higher beginning April 2nd 2018, in order to align with industry best practices for security and data integrity.
Please ensure that you are using TLSv1.1+, or your connectivity to the Cloud Platform will be impacted. This change will affect all connections to the Cloud Platform, this includes UIs, APIs, Scanner Appliances, and Cloud Agents.
Dates for each Shared Cloud Platform are listed in the table below. If you are hosted on a Private Cloud Platform (PCP), this change will be coordinated directly with our Security Operations team.
|Platform Name||User Interface||API||Scanner Appliance||Cloud Agents|
|US Shared 1||April 17, 2018||April 17, 2018||April 17, 2018||May 17, 2018|
|US Shared 2||April 12, 2018||April 12, 2018||April 12, 2018||May 12, 2018|
|US Shared 3||April 2, 2018||April 2, 2018||April 2, 2018||May 2, 2018|
|EU Shared 1||April 10, 2018||April 10, 2018||April 10, 2018||May 10, 2018|
|EU Shared 2||April 4, 2018||April 4, 2018||April 4, 2018||May 4, 2018|
|IN Shared 1||April 9, 2018||April 9, 2018||April 9, 2018||May 9, 2018|
Any legacy software that does not support TLSv1.1+ will require updating prior to this change. If TLSv1.1+ is not supported and the application is not updated, the application may cease to function on the date mentioned in the table above. Please work with the appropriate vendor to confirm if TLSv1.1+ is natively supported or if a system update is required prior to the change-over date.
For Cloud Agent deployments: Cloud Agent Windows utilizes cryptography support provided by the operating system. Certain older Windows operating systems do not have TLS 1.1+ support or support enabled by default and require updates or configuration for Cloud Agent to utilize TLS 1.1+.
- Windows 7, Server 2008/R2, Server 2012 – https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in
- Windows Server 2008 SP2 – https://support.microsoft.com/en-us/help/4019276/update-to-add-support-for-tls-1-1-and-tls-1-2-in-windows
This same notification is also published under TLS 1.0 Deprecation information in the Support KnowledgeBase.