How can we help?

undraw_new_message_2gfk.png
We’re moving our guides on 9th March 2019. See a preview of their new home at help.turnitin.com.
Home > Integrations > Preparing your integration for TLS 1.2

Preparing your integration for TLS 1.2

On December 31st 2018, Turnitin will remove support for integrations using TLS versions 1.0 and 1.1.

Screen Shot 2017-02-22 at 11.55.43 AM.png

What is TLS?

 

Your connection with Turnitin is always encrypted as your data moves between your computer and our servers. The technical term for this form of protection is Transport Layer Security (TLS), although you might also know it as the padlock  in the address bar of a secure website. TLS protocol secures communication between the servers you use to integrate with Turnitin. 

 

To maintain this security standard and safeguard against vulnerabilities, on December 31st 2018, support will be removed for TLS versions 1.0 and 1.1.

Why are we making this change?


Vulnerabilities in TLS 1.0 and 1.1 could potentially leave users and organizations at risk of being breached. At present, there are no available fixes that can prevent the vulnerabilities that early versions of TLS offer. By addressing these issues, Turnitin is working to prevent attacks from widespread exploits of TLS vulnerabilities, such as POODLE (Padding Oracle On Downgraded Legacy Encryption) and BEAST (Browser Exploit Against SSL/TLS), which have taken advantage of the current weaknesses in early versions of TLS.

After support ends for TLS 1.0 and 1.1

 

Once support is removed for TLS versions 1.0 and 1.1, any inbound connections to Turnitin that rely on these versions will fail. This includes any LTI or API integration connections, including those from third-party Manuscript Tracking System (MTS) integrations.


To protect against current vulnerabilities, it is important that all inbound connections to Turnitin migrate to TLS 1.2 or later prior to December 31st 2018; this will ensure that services remain unaffected.

What do you need to do?

 

If you’re responsible for maintaining an integration with Turnitin using TLS versions 1.0 or 1.1, you must upgrade your connection to Turnitin using software that supports TLS 1.2.

Access to Turnitin's testing endpoint

 

Turnitin can provide a testing endpoint on a customer-by-customer basis for instances where you need assistance with validating your integration for TLS 1.2 compatibility. More importantly, this will ensure that your inbound connection to Turnitin experiences no downtime when support is removed for TLS 1.0 and 1.1 on December 31st 2018.

 

To request access to the testing endpoint, email tiisupport@turnitin.com. You should also speak to Turnitin Support if you find that your integration is unable to communicate via TLS 1.2.

Last modified

Tags

This page has no custom tags.

Classifications

(not set)