In keeping with industry standards, Sauce Labs will be fully deprecating support for TLS v1.0 and TLS v1.1 protocol versions as of February 1st, 2020. This will affect all https traffic, including:
- Test runners
- API clients
- Web browsers that access the Sauce Labs UI
As of November 2019, the great majority of https traffic to the Sauce Labs service uses TLS 1.2 (99.9% or higher). Most customers will not need to take any advance action; where possible, customers known by Sauce Labs to be using older versions of TLS have already been notified directly. Nonetheless, customers should verify the following in advance of February 1st:
Any test runner that uses the Sauce Labs cloud (the app.saucelabs.com or app.testobject.com application or REST interfaces at saucelabs.com/rest/* path) must use versions of Java that support TLS 1.2. This may affect Bamboo, Jenkins, Jira Server, Confluence Server, or any other Java-based systems that connect to Sauce Labs. Customers will need to check the underlying version of Java used in these programs and, if necessary, upgrade them to versions that support TLS 1.2.
Unaffected Java versions:
- JDK 8 and later
- JDK 7 versions 1.7.0_131-b31 and higher
Affected Java versions:
- JDK 7 versions earlier than 1.7.0_131-b31
- JDK 6 and earlier
Similar steps should be taken for any programs making requests to the above URIs that rely on OpenSSL or Python’s ssl module.
Similarly any test runner that uses the Sauce Labs ondemand endpoints at https://ondemand.saucelabs.com (and the equivalents for the EU and US-East/Headless data centers) must support TLS 1.2 as of date TBD.
Any API client (such as curl) that queries a Sauce Labs API endpoint must support TLS 1.2. Check the libraries they use to connect to our rest API at api.saucelabs.com or saucelabs.com/rest/* and be sure these libraries support TLS 1.2.
Connection requests that are not in compliance with the TLS 1.2 protocol version or higher will result in an HTTP response code of 406 or an SSL handshake protocol version failure.
Browsers that load the Sauce Labs UI at https://app.saucelabs.com (and the equivalents for the EU and US-East/Headless data centers) and https://app.testobject.com) must use TLS 1.2 or higher. A full list of such browsers: https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
Loading this page in a browser will report if the browser supports TLS 1.2: https://www.ssllabs.com/ssltest/viewMyClient.html
Some browsers also make the TLS version visible in their developer tools or after clicking the padlock icon in the address bar.