Removal of TLS 1.0 and 1.1 from our load balancers on June 30

tls
While we have maintained TLS 1.0 and TLS 1.1 for compatibility reasons, this will no longer be the case as of June 30.

When you access a website or an online application, you most often do so in a “secure” way. This is for example the well-known green padlock that symbolizes HTTPS connections in your browser, which has become a standard these years thanks to initiatives like Let’s Encrypt

This means that the data transferred to the server is encrypted, and that even if they are intercepted, they cannot be read by a third party. This protection has been provided by the TLS (Transport Layer Security) protocol for almost 20 years, whether it’s a personal site, an online shop or an access to your bank’s services.

Over time, this critical technical brick on the Internet has evolved to strengthen the level of security it offers. In August 2018, its version 1.3 (the latest) was released. Meanwhile, versions 1.0 and 1.1 were considered to no longer offer a sufficient level of protection. They have been deprecated by the IETF (Internet Engineering Task Force) since March 2021 and have therefore been gradually removed from recent browsers such as Firefox, Chrome and its derivatives or Safari.

Clever Cloud Sōzu TLS Version
More than 90% of our traffic is TLS 1.3

At Clever Cloud, we have seen our customers adopt TLS 1.2 and 1.3 gradually. On our load balancers, based on our in-house and open source reverse proxy Sōzu, the latest version accounts for over 90% of the requests processed each day. TLS 1.2 for just under 9%. TLS 1.0 and 1.1 for only a few tens of thousands of requests per day, less than 0.1% of our traffic.

While we have maintained these versions for compatibility reasons, this will no longer be the case as of June 30. We will of course inform the customers affected by this choice, and encourage them to switch to more recent versions, which will have advantages for them in terms of security, performance and SEO.

Several reminders will be sent between now and the final shutdown of TLS 1.0 and 1.1. If you have any questions on this subject, please contact our support team through the Console.

Blog

À lire également

Deploy Brinjel on Clever Cloud

Brinjel is an open-source field management software designed for market gardeners, helping them plan seasons, track harvests, and optimize agricultural production. Created by and for market gardeners, it emphasizes an intuitive interface and features tailored to real-world needs.
Company

Simplify the management of Clever Cloud services via Kubernetes with our new operator

For the past two years, we've been enabling our customers to combine the ease of deployment of Clever Cloud with an existing Kubernetes infrastructure through an operator.
Engineering

Keycloak as a Service: identity management without the complexity

Ensuring identification and access management (IAM) in an application is a challenge that is as strategic as it is complex. But beyond the initial configuration, it is the maintenance, updates and supervision of the solution that most mobilise your teams. What if you could concentrate on your applications... while a managed solution took care of the rest?
Company