Share:
Print
Facebook
Twitter
Linkedin
Email

Security

Security between your B2G servers and the PPSR is provided by the transport layer security (TLS) protocol.

Feedback

On this page

Security and your B2G PPSR channel

Security between your B2G servers and the PPSR is provided by the transport layer security (TLS) protocol. TLS is now the only supported protocol. Secure socket layer (SSL) is no longer used due to vulnerabilities identified with the SSL protocol.

Your security is also protected by your B2G password. It is important to keep this password safe.

Upgrade to TLS 1.2 and stronger ciphers

Important! PPSR has been upgraded to TLS1.2.

You must use TLS 1.2 with the specified strong ciphers below or you will NOT be able to access the PPSR using your B2G connection.  

  • AES128-SHA256
  • AES256-SHA256
  • ECDHE-RSA-AES128-SHA256
  • ECDHE-RSA-AES128-GCM-SHA256

When did the update take place?

This change was applied to PPSR Production on Wednesday 21 March 2018.

If you cannot transact in Production, please commence upgrades of your system to enable TLS 1.2

For any further assistance, please contact us.

TLS server certificate

TLS is used to provide transport layer encryption for all transactions through the PPSR B2G interface.

This encryption is handled by TLS server certificates, which allow secure connections to be created between the PPSR B2G servers and your B2G servers.

Current version of TLS

TLS is used to provide transport layer encryption for all transactions through the PPSR B2G interface.

This encryption is handled by TLS server certificates, which allow secure connections to be created between the PPSR B2G servers and your B2G servers.

Website Identification Certificate Supplier

What do you need to do?

Check that you have the following certificates in your trusted certificate authority list:

Root Certificate Authority: DigiCert High Assurance EV Root CA

Intermediate Certificate Authority: DigiCert SHA2 Extended Validation Server CA

Further information is available from: Digicert

Verify that you can access the Web User Interface, and can still transact through your B2G interface.

Will this impact me?

For most users of the PPSR, there will be no impact, as most devices will already trust DigiCert.  If you are in a tightly controlled operating environment or using old software, then this may impact you. 

Possible impacts are:

  • A warning when you access the PPSR via the Web User Interface
  • Complete inability to access the PPSR Web User Interface
  • Complete failure of your system to access the B2G channel

B2G password security

You should always keep your B2G password secure. Your account administrator can:

  • reset your password
  • view your password history
  • unlock your account for the PPSR Web UI.

 If you have the permissions, you can also manage your B2G password.

^
Was this information helpful?

We welcome your feedback to help us improve our website.
Unfortunately we are unable to respond to individual comments or suggestions.

For enquiries see the options available in our contact us section.