We’re only a month into 2018 and already we’ve seen some major information security challenges with the disclosure of the Meltdown and Spectre microprocessor vulnerabilities. This highlights once again the importance of keeping our systems up to date to keep them as secure as possible. To maintain the security of Xero, we’ll be ceasing support for older web browsers using TLS 1.0 from 31 May 2018.
What is TLS?
Transport Layer Security (TLS) is a cryptographic protocol that provides secure communications over the Internet. It’s used to secure all communications between Xero and your web browser. TLS 1.0 has known vulnerabilities and is no longer deemed secure.
So what does this mean for you?
If you’re already using a recent web browser version that supports TLS 1.1 or later then there’s nothing for you to do. But if you’re using an older web browser you should check to make sure it can support TLS 1.1. TLS 1.2 has been available for a while now and we recommend you upgrade to this latest version if possible.
Some of the web browsers that are commonly used are listed below (not an exhaustive list). Check your own systems to verify that they are compatible with TLS 1.1 at a minimum.
| Browser | Compatibility |
| Microsoft Internet Explorer (IE) | |
| Desktop and mobile IE version 11 | Compatible with TLS 1.1 or higher by default
If you see the “Stronger security is required” error message, you may need to turn off the TLS 1.0 setting in the Internet Options | Advanced Settings list. |
| Desktop IE versions 8, 9, and 10 | Compatible only when running Windows 7 or newer, but not by default.
Windows Vista, XP and earlier are incompatible and cannot be configured to support TLS 1.1 or TLS 1.2. |
| Desktop IE versions 7 and below | Not compatible with TLS 1.1 or higher encryption. |
| Mobile IE versions 10 and below | Not compatible with TLS 1.1 or higher encryption. |
| Microsoft Edge | Compatible with TLS 1.1 or higher by default. |
| Mozilla Firefox | |
| Firefox 27 and higher | Compatible with TLS 1.1 or higher by default. |
| Firefox 23 to 26 | Compatible, but not by default.
Use about:config to enable TLS 1.1 or TLS 1.2 by updating the security.tls.version.max config value to 2 for TLS 1.1 or 3 for TLS 1.2. |
| Firefox 22 and below | Not compatible with TLS 1.1 or higher encryption. |
| Google Chrome | |
| Google Chrome 38 and higher | Compatible with TLS 1.1 or higher by default. |
| Google Chrome 22 to 37 | Compatible when running on Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile). |
| Google Chrome 21 and below | Not compatible with TLS 1.1 or higher encryption. |
| Google Android OS Browser | |
| Android 5.0 (Lollipop) and higher | Compatible with TLS 1.1 or higher by default. |
| Android 4.4 (KitKat) to 4.4.4 | May be compatible with TLS 1.1 or higher. Some devices with Android 4.4.x may not support TLS 1.1 or higher. |
| Android 4.3 (Jelly Bean) and below | Not compatible with TLS 1.1 or higher encryption. |
| Apple Safari | |
| Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher | Compatible with TLS 1.1 or higher by default. |
| Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below | Not compatible with TLS 1.1 or higher encryption. |
| Mobile Safari versions 5 and higher for iOS 5 and higher | Compatible with TLS 1.1 or higher by default. |
| Mobile Safari for iOS 4 and below | Not compatible with TLS 1.1 or higher encryption. |
Oh my goodness! Amazing article dude! Thank you so much, However I am going through difficulties with your RSS.
I don’t understand why I cannot subscribe to it. Is there anybody else getting identical RSS problems?
Anybody who knows the answer will you kindly respond?
Thanks!!
Hi Judith,
Thanks very much for your kind feedback.
Have you contacted Support about your difficulties with RSS? They’re the best placed to help you – Support.xero.com.
Regards,
Paul
my browse pass the deactivation test, however, still has TLS error problem, please advise, is it something wrong with the setting?
my browse pass the deactivation test, however, still has TLS error problem, please advise, is it something wrong with the setting?
Hi, can you please contact our Support Team via http://support.xero.com so that someone can take a closer look at this to see what’s going on? Thanks – BA
I have deactivated TLS 1.0 but still get the error. It’s the same issue that has been asked multiple times above – can you not provide an answer??
Hi Rob, sorry to hear that you are still having issues. Can you please raise a case with our Support Team via this link > http://support.xero.com with as much information as possible so they can take a look into this for you. Thanks, BA
Having the same issues with TLS error, browser check was ok, Get the same error when trying to contact support.
Help please
Sorry to hear that Julie – I will raise a case with our support team on your behalf to see whether we can get this fixed for you. Cheers, BA
Having the same issues with TLS error, browser check was ok, Get the same error when trying to contact support.
Help please
Hi Jo – thanks for your comment. I have reached out to our support team on your behalf and have been informed that someone is taking a look into this issue for you. Hopefully they will be able to give you a hand to resolve it. ^BA
I have the same issue and very frustrated, as I moved all my accounting clients to XERO and now have a negative feedback due to this issue and people are asking me to return them back to QuickBooks!
Hi Tatiana, sorry to hear that you’re having some trouble. Are you able to raise a case with our Support Team so they can take a closer look and give you a hand directly? Thanks so much!
Hi
I am currently having some issues with my Xero and stating that TLS 1.0 support has ended. Could you please help me to fix this?
We have already check on 1.2 – advanced tab of Internet Options.
Thanks
Hi Carol, sorry to hear that you’re having some trouble. Can you please raise a ticket with our support team so that we can get in touch directly to give you a hand. Thanks!