Update on TLS 1.0/1.1 removal - Noteworthy at Compose

Published

This is your weekly summary of Compose news for those changes and updates which can make your life easier. In this edition, we remind you about the 1st of March TLS 1.0/1.1 removal and review the past week of Compose Articles.

An update on TLS and Compose

We're removing support for older versions of TLS, also known as SSL (the protocol that TLS replaced), on the 1st of March. This removal, as announced at the end of November 2017, is designed to improve the security of your database and API services. As we're getting closer to the removal date, we're also announcing some nuances to our plans on a per database basis.

Generally

Most databases on Compose have HAproxy based portals which manage the incoming TLS connection. On March 1st we'll be reconfiguring them to only accept TLS 1.2. This change should not be noticeable by any up-to-date stack as TLS 1.2 was introduced in 2008.

When a secure connection is being made, the two ends of the connection start with the highest available TLS version they know and begin negotiating and falling back versions. So, with TLS 1.2 at both ends of the connection there should be no falling back needed. Where a client doesn't have TLS 1.2, it will ask to fall back but find nothing to fall back to and the connection will end. That, in turn, means any issues should be found as soon as a client application tried to connect.

We'll have an article soon which will cover ways you can see if your database drivers are TLS 1.2 capable.

There are two exceptions to the plans currently:

Compose Articles

In the past week, we talked containers with Kelsey Hightower, looked at Python connections to Compose databases in the Grand Tour and, in NewBits, we looked at the latest Mongoose.

That's it for this week's Noteworthy at Compose. Onwards to next week!


Read more articles about Compose databases - use our Curated Collections Guide for articles on each database type. If you have any feedback about this or any other Compose article, drop the Compose Articles team a line at articles@compose.com. We're happy to hear from you.

Dj Walker-Morgan
Dj Walker-Morgan is Compose's resident Content Curator, and has been both a developer and writer since Apples came in II flavors and Commodores had Pets. Love this article? Head over to Dj Walker-Morgan’s author page to keep reading.

Conquer the Data Layer

Spend your time developing apps, not managing databases.