The End is Near: After decades, TLS 1.0 & 1.1 go end-of-life in March

By March 5, 2020 Alerts, Blog, Technical

Waratek makes compliance easy

The world of computing was very different in 1999. U.S. online retail sales totaled $15B according to the Department of Commerce, but online worldwide sales figures were not yet tracked on a global basis. In 2019 online retail sales topped $3.5T – that’s trillion with a T – around the world.

1999 was also the year the Transport Layer Security (TLS) 1.0 protocol was adopted to make online computing and transactions more secure. TLS 1.1 followed in 2006. While TLS 1.2 and 1.3 are the current standards, TLS 1.0 & 1.1 are still in use but non-compliant. Both are being deprecated on March 31, 2020.

Organizations must move to TLS 1.2 or 1.3 by that date or find themselves unable to complete web transactions using browsers from Microsoft, Google, Apple, Mozilla, or other common browsers. The PCI Standards Council has required members to upgrade to TLS 1.2 since 2018, but the use of the previous TLS versions remains higher than expected.

With compliance at risk and the major tech companies forcing an upgrade, why do organizations find it difficult to make the switch to a more secure technology? That’s simple: It’s costly and complex to rewrite enterprise software.

Recompiling an application or migrating to newer platforms is not possible in many cases. It’s certainly not scalable in enterprise environments where thousands of applications are deployed on all possible versions of Java and .NET platforms.

Waratek’s agent-based Upgrade solution allows legacy applications to use the latest TLS protocols and cipher suites without the need to recompile their source code or migrate to a newer runtime. For example, legacy Java versions (such as Java 6, 7 or 8) run as guest JREs inside a host JVM.

With this feature enabled, the application no longer uses its own out-of-date TLS protocols, but rather offloads this functionality to the most current and patched host JVM. Deploying Waratek Upgrade helps enterprises become instantly compliant with the latest TLS standards.

Applications are also automatically protected against common cryptographic vulnerabilities such as “Use of a Broken or Risky Cryptographic Algorithm” (CWE-327) and “Inadequate Encryption Strength” (CWE-326).

To learn more about how Waratek can help you achieve TLS compliance and improve your overall security posture, visit or contact us at +1 770 720 1678.


John Matthew Holt is the Founder & CTO of Waratek.

John Matthew Holt

Author John Matthew Holt

John Matthew Holt is CTO and Founder of Waratek. He is the inventive inspiration and technical driving force behind Waratek’s groundbreaking research and development into distributed computing and virtualization technologies, which has led to the granting of over 50 patents to date with many more pending.

More posts by John Matthew Holt