TLS MANDATE
Important Notification Regarding TLS 1.2 Protocol Mandate
 
WHAT IS THE TLS MANDATE?
The Payment Card Industry ("PCI") council, as well as Visa and MasterCard, have issued a mandate that all Merchants and Service Providers configure their systems to use the TLS 1.2 standard for secure connections between systems. This means systems must disable SSL and earlier versions of TLS as they will no longer be compliant and will not be allowed to connect.

REFERENCES: PCI Council: Migrating from SSL and Early TLS

Note: In view of this, effective from 1st January 2018, CCAvenue will no longer support TLS 1.0 and TLS 1.1 over HTTPS on the www.ccavenue.com and secure.ccavenue.com domain.
Who Is Impacted?
All CCAvenue customers and merchants accessing any CCAvenue solution must upgrade /configure systems for use of TLS 1.2. This is a security requirement regardless if the data being accessed is PCI related or not. As this is an industry-wide initiative, your IT organizations should already be determining what actions are required to comply, including applications and systems beyond those connecting to CCAvenue.
Upgrade Requirements
There are two primary methods for communicating with CCAvenue PG:
  • Connecting to CCAvenue via a Web Browser while processing Transactions.
  • Connecting to CCAvenue via API Calls.
How to Test?
You may use our integration and API kits and hit the below mentioned UAT URLs enabled for TLS 1.2.
Application Module UAT URLs
New CCAvenue PG API https://logintest.ccavenue.com/apis/servlet/DoWebTrans
  Transactions https://test.ccavenue.com/
For those using the Old CCAvenue PG API Order Status Tracker
https://cctest.ccavenue.com/servlet/new_txn.OrderStatusTracker
Refund API Link
https:// cctest.ccavenue.com/servlet/ccav.Refund_NetBnk
  Transactions Redirect Billing Page Integration
https://cctest.ccavenue.com/shopzone/cc_details.jsp
Seamless Credit card
https://cctest.ccavenue.com /servlet/new_txn.MotoTrans
Seamless Netbanking
https://cctest.ccavenue.com/servlet/new_txn.PaymentIntegration
Steps to Migrate to TLS 1.2
Listing sample changes for JAVA applications:
  • If you are using jdk 1.8 and above, there would be no changes required as it uses TLS 1.2 by default.
  • If you are using jdk 1.7, you need to make changes in your code to use TLS 1.2 protocol. For your reference, here is a sample java code.
    Example:
    System.setProperty("https.protocols", "TLSv1.2");
    System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  • If you are using jdk 1.6 and below, you have to mandatorily upgrade to latest jdk version, as jdk 1.6 does not support TLS 1.2 Protocol.
URLs for your reference:
CCAvenue applications accessed via Web Browser:
Customers must ensure they are using compatible browsers with appropriate configurations. In case of any TLS related errors, please upgrade the browser to the latest version.
We would be happy to help you ensure compatibility in any way we can. Please feel free to get in touch with us at service@ccavenue.com in case of any concerns. In case you wish to speak to us, you may call 022-67425555 EXT: 401-409