Avalara has published that anyone using TLS 1.x on their REST API would lose access do some poking on the forum there’s some info out here.
View this email in your browser Safelist Avalara
AVALARA UPDATE
Upcoming changes to Avalara security infrastructure
Hi Greta,
With our commitment to the security of our customers’ information, Avalara will discontinue support for Transport Layer Security (TLS) version 1.0 and 1.1.
Disabling support of TLS version 1.0 and 1.1 is an ongoing, industry-wide effort to replace obsolete protocol configurations, emphatically recommended by the National Security Agency. See here for more information.
What this means for you:
Avalara will be disabling TLS version 1.0 and 1.1 on the following schedule in 2022:
• February 1, the TLS 1.0 and TLS 1.1 protocols will be disabled on Sandbox environment – TLS 1.2 only for all integrations
• March 31, the TLS 1.0 and TLS 1.1 protocols will be disabled on Production environment – TLS 1.2 only for RESTv2 API end points
• December 31: Production environment – TLS 1.2 only SOAP and REST v1 endpoints
What needs to be done?
You will need to test your Avalara AvaTax integration using your sandbox account and appropriate sandbox URL. If you need a universal sandbox account to test your AvaTax account after the TLS 1.2 upgrade, click here for information. If your system is successful at calculating tax or a test connection succeeds, then your system is secure, and no changes are needed.
Steps to test your AvaTax integration using a sandbox account and the appropriate sandbox URL can be found here.
What happens on March 31, 2022?
Avalara will discontinue support for TLS version 1.0 and 1.1 on our Production RESTv2 API endpoint. If any of your client software is still using these versions to connect to this endpoint, you will need to update to 1.2 or your connection will fail.
Thanks,
Avalara Product Support