-
Expand/CollapseMenu
- TLC Home Home
- Discussions Discussions
- Documentation Documentation
- Knowledge Base Knowledge Base
- Education Education
- Blog Blog
- Support Desk Support Desk
-
Expand/CollapseMenu
TLS (Transport Layer Security) is the protocol for establishing secure communication over HTTPS. Due to evolving internet standards, support for the older TLS 1.0 and TLS 1.1 has been deprecated across the major web browsers and TLS 1.2 is now the recommended minimum.
What is changing?
Update Planned for June 1st, 2021
Tealium has security standards that require our endpoints to use TLS 1.2 and to end support for TLS 1.0/1.1. This also includes ending support for non-secure connections over HTTP.
This update affects the following Tealium Collect endpoints:
datacloud.tealiumiq.comcollect.tealiumiq.comuconnect.tealiumiq.com
While these endpoints already support TLS 1.2 as a security best practice, they also support TLS 1.0/1.1 for backwards compatibility. This update will end that support for TLS 1.0/1.1.
After June 1, 2021, Tealium Collect will no longer support TLS 1.0/1.1 encryption.
What is the impact?
The impact to users will be minimal since modern browsers already default to using TLS 1.2. According to the Google Security Blog, "only 0.5% of HTTPS connections made by Chrome use TLS 1.0 or 1.1." We estimate the impact to Tealium Collect to be less than 0.1% of all events collected.
Starting June 1, 2021, Tealium Collect endpoints will no longer accept requests from older web browsers and devices that do not support TLS 1.2 (or newer). Similarly, requests to Tealium Collect endpoints using HTTP (non-secure) will result in the response 301 Moved Permanently.
What do I need to do?
In most cases, you won't need to take any action. The default behavior of the Tealium Collect tag and mobile library is not affected. Visitors to your brand site or mobile app that use the default Tealium Collect installation will not be affected.
However, if you have a customized implementation of Tealium Collect that uses a hard-coded HTTP endpoint, then you are affected. Update any HTTP Tealium Collect endpoints to use HTTPS or the default endpoint.
The most common example would be a Tealium Collect tag with the Server field set to a custom URL using http://, as seen here:
Simply update the URL to use https:// and publish the changes.
For mobile apps, if you override the default Tealium Collect endpoint with a custom URL using http:// , then change the URL to use https://.
Additional Resources
- Tealium Collect Tag Setup Guide
- Managing Templates
- Tealium for Swift: config.overrideCollectURL
- Tealium for Android: config.overrideCollectUrl
-
Jane_PS
on:
Support Challenge Winner Spotlight: Tarun Kumar
- ksmith on: Introducing CCPA Consent Manager for Tealium iQ Ta...
- ThijsvanOirscho on: Introducing Server-Side User Permissions
-
mitchellt
on:
New Location Tracking and Geofencing Feature for M...
- KristenMeren on: Get More Out of Customer Data with Machine Learnin...
- Tony_Taliaferro on: Introducing the View-Through Tracking Extension
-
Tirrusri
on:
Release Notes - December 2018
-
zed_haque
on:
Hosted Data Layer Now Supports JSON Files
-
TealiumJustin
on:
Tealium Release Notes - April 2018
-
tamedbeast
on:
Introducing Product Ideas
Copyright All Rights Reserved © 2008-2023