Esri will require TLS 1.2 connections for ArcGIS Online services as of April 16, 2019. Immediate action may be needed for any clients or systems that connect to ArcGIS Online.
Esri strives to implement the highest security standards across its entire suite of products by using the most robust, widely accepted security protocols, including Transport Layer Security (TLS) for privacy and data integrity. The ArcGIS platform uses the TLS protocol as a key component of its security for web and service API connections, including connections between other Esri software products.
ArcGIS Online currently supports connections using TLS versions 1.0, 1.1, and 1.2. To continue providing strong security, Esri will require TLS 1.2 connections for ArcGIS Online services as of April 16, 2019. Action may be required prior to this change to ensure continued access to ArcGIS Online services.
Impact on the ArcGIS Platform
Esri has released patches and instructions on how to update existing software to support these connections. Some Esri software, such as ArcGIS Pro, is already TLS 1.2 enabled, while other Esri technology, such as ArcGIS Desktop, requires a patch or a configuration change to support TLS 1.2 connections. Take a look at the list of affected products, which also has information on actions you may need to take.
Who Is Affected?
If any of the following use cases apply to you or your organization, you may need to enable TLS 1.2 connections by April 16, 2019.
- If your workflows require access to ArcGIS Online basemaps, story maps, ArcGIS Living Atlas of the World, hosted items, or other ArcGIS Online services, the software you use that accesses ArcGIS Online will need to support TLS 1.2 connections to those services.
- If you host a GIS portal with ArcGIS Enterprise that connects to ArcGIS Online, then you need to ensure that your ArcGIS Enterprise deployment—including ArcGIS Server instances and Portal for ArcGIS—is updated to support TLS 1.2 connections to ArcGIS Online.
- If you utilize ArcGIS apps or third-party apps built on ArcGIS Runtime SDKs that access ArcGIS Online from your desktop or mobile devices, verify that those apps and device operating system configurations support TLS 1.2 connections.
- If you have built any custom apps that access ArcGIS Online, make sure that those apps and device operating system configurations support TLS 1.2 connections to ArcGIS Online.
- If your organization is raising its network security requirements to demand TLS 1.2 or later and disabling previous TLS and SSL versions, ensure that your software and operating system environments are updated to support those new internal IT requirements with TLS 1.2.
Use these resources to help determine whether you need to take any action to update your software or operating system configurations to support TLS 1.2 with the ArcGIS family of products. If your apps are affected, you must take action to ensure continued access.
- Esri software that requires action includes ArcGIS Desktop, apps that are built on and extend ArcGIS Desktop, ArcGIS Enterprise, apps built with ArcGIS Engine (ArcObjects), and partner extensions that access ArcGIS Online services. Look up the Esri products you have, and determine whether you use Esri software that will be impacted.
- Perhaps you have questions about the ArcGIS Online implementation of TLS 1.2 and how this affects the ArcGIS platform. To ask a question or see an FAQ list, please refer to the TLS 1.2 FAQ technical support web page.
To stay up-to-date on security, privacy, and compliance-related announcements for the ArcGIS platform, subscribe to the RSS feed in the ArcGIS Trust Center.