Security between your B2G servers and the PPSR is provided by the transport layer security (TLS) protocol. TLS is the now the only supported protocol. Secure socket layer (SSL) is no longer used due to vulnerabilities identified with the SSL protocol.
Your security is also protected by your B2G password. It is important to keep this password safe.
TLS server certificate
TLS is used to provide transport layer encryption for all transactions through the PPSR B2G interface.
This encryption is handled by TLS server certificates, which allow secure connections to be created between the PPSR B2G servers and your B2G servers.
Current version of TLS
Ensure all TLS certificate paths within your B2G software interface are kept up to date with the most recent certificate authorities available.
TLS authentication errors can occur if the TLS certificate stored within your B2G software application programming interface (API) is not up to date. You can avoid this by making sure you accept all critical updates.
Website Identification Certificate Supplier
What you need to do?
Check that you have the following certificates in your trusted certificate authority list:
Root Certificate Authority: DigiCert High Assurance EV Root CA
Intermediate Certificate Authority: DigiCert SHA2 Extended Validation Server CA
Further information is available from: https://www.digicert.com/digicert-root-certificates.htm
Verify that you can access the Web User Interface, and can still transact through your B2G interface.
Will this impact me?
For most users of the PPSR, there will be no impact, as most devices will already trust DigiCert. If you are in a tightly controlled operating environment or using old software, then this may impact you.
Possible impacts are:
- A warning when you access the PPSR via the Web User Interface;
- Complete inability to access the PPSR Web User Interface;
- Complete failure of your system to access the B2G channel.
B2G password security
Keep your B2G password secure. Your account administrator can reset your password, view your password history and unlock your account the PPSR Web UI. If you have the permissions, you can also manage your B2G password.