Beginning on September 30th, 2021 the Nexus IQ Data Services will no longer support version 1.1 and older of the Transport Layer Security (TLS) protocol. All HTTPS requests will then be required to use TLS 1.2 or newer.
Background
The TLS 1.1 protocol and its even older versions are considered insecure for several years now. We already discontinued support for these protocol versions for the Central Repository back in 2018. By 2020, most web browser vendors equally had removed support for TLS 1.0/1.1. And in March 2021, RFC 8996 officially deprecated these TLS versions.
Based on analysis of our logs, we feel the time is ready to equally increase the security for the Nexus IQ Data Services without leaving a significant number of our end users struggling to comply with the new requirement.
Impact
The Nexus IQ Data Services provide component information for all editions of Nexus IQ Server and the Repository Health Check feature in Nexus Repository Manager. For these products to successfully connect to the IQ Data Services going forward, they need to employ a Java runtime environment of version 8 or newer.
Java 8 is required by Nexus IQ Server since version 1.42 and by Nexus Repository Manager since version 2.14.11. End users running these or newer product versions do not need to take further action.
If you are among the few still running our products on Java 7, you need to upgrade their runtime to Java 8. This runtime is supported by Nexus IQ Server since version 1.15 and by Nexus Repository Manager since 2.10.
Continued use of Java 7 after the cutover date will result in connection errors with messages like “Received fatal alert: protocol_version” or “peer not authenticated”.