You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Greg-DB
Dropbox Staff
Dropbox StaffReminder: The Dropbox API will no longer accept TLS 1.0 or 1.1
Beginning on or after April 13, the Dropbox API will require that calls use TLS 1.2 or greater. Traffic using TLS 1.0 or 1.1 will be rejected.
The latest Dropbox SDKs will select TLS 1.2 when a...
Hi Dropbox,
We have received the mail regarding to this issue, stating that:
"We’re reaching out because your app(s) ... have recently made calls to the Dropbox API using a deprecated TLS protocol version."
We would like to confirm the following:
1. Does that mean our app did make calls using a deprecated TLS protocol version so that we received this mail? Or, is this just a notification regardless of whether our app communicates with deprecated TLS protocol version?
By testing with our app, it seems that the latest version of our app uses the TLS 1.2 and 1.3 protocol version. If receiving this mail is a proof of using deprected TLS protocol version by our app, then the only possible reason may originate from some of our customers who still uses older version of our app, which may be kind of wierd. Also, do you have any recommended way to test on which TLS version our app is really using?
2. We are using the curl library to send API to dropbox with the setting of CURL_SSLVERSION_TLSv1. Under this setting, although it seems that we will use the TLS 1.2 or 1.3 (depending on the version of curl library), in case we may still send with TLS 1.0/1.1, we would like to know after the deprecation of TLS 1.0/1.1 on April 13, will the request be fallback to use TLS 1.2 or 1.3 automatically? Also, is there any approach to test this situation?
Look forward to your reply, thank you!
- Greg-DB
DreamingDev 1. If you received that email it means your app sent some amount of TLS 1.0 or 1.1 traffic to the Dropbox API recently. If you’ve already updated your app, this traffic is likely coming from users still on an old version of your app. We don't have a way to simulate the change, but I'll pass this along as a feature request. I can't promise if or when that might be implemented though.
2. I can't provide support for specific third party network clients as they're not made by Dropbox, but in general yes, network clients should automatically use the best available and compatible protocol version. As above, I can't offer a way to test this ahead of time, but you may be able to enable some logging on your network client to check the protocol version being used.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
