In Early May of 2018, Nexmo send out a letter to all customers where they were discontinuing the support for TLSv1 and TLSv1.1 protocols. The decision was made in respect and to protect customer data following the payment card industry security council suggestions (PCI SSC).
On May 28th the protocol is finally being moved to TLSv1.2 and the discontinuation of prior versions of TLS is finalized.
During initial testing was found that, although CURL supports TLS negotiation, depending of the version of the system that it is being used, the negotiation could result in a unknown cypher which would result in returning a protocol that is not the expected TLSv1.2.
To fully support this migration the following changes were made:
1 - enforce CURL SSL version to use TLSv1.2
2 - enforce CURL to verify the SSL peer.
With this commit a few improvements has been made:
1 - Documentation on the NexmoClient Class
2 - Improved the jsonRequest function from NexmoClient to always return an array, following documentation, which would require an error to be returned if the http response code was not 200.
3 - Adding the vendor directory into the gitignore file
4 - Creation and use of a NexmoResponseCode class that will have every possible response code that is returned from the Nexmo API. The goal of the class is to ensure clarity.
In Early May of 2018, Nexmo send out a letter to all customers where they were discontinuing the support for TLSv1 and TLSv1.1 protocols. The decision was made in respect and to protect customer data following the payment card industry security council suggestions (PCI SSC).
On May 28th the protocol is finally being moved to TLSv1.2 and the discontinuation of prior versions of TLS is finalized.
During initial testing was found that, although CURL supports TLS negotiation, depending of the version of the system that it is being used, the negotiation could result in a unknown cypher which would result in returning a protocol that is not the expected TLSv1.2.
To fully support this migration the following changes were made:
1 - enforce CURL SSL version to use TLSv1.2 2 - enforce CURL to verify the SSL peer.
With this commit a few improvements has been made:
1 - Documentation on the NexmoClient Class 2 - Improved the jsonRequest function from NexmoClient to always return an array, following documentation, which would require an error to be returned if the http response code was not 200. 3 - Adding the vendor directory into the gitignore file 4 - Creation and use of a NexmoResponseCode class that will have every possible response code that is returned from the Nexmo API. The goal of the class is to ensure clarity.