Keeping Beefree SDK safe and secure is our top priority, so we wanted to let you know about upcoming changes to our TLS configurations. These changes may affect your application’s ability to interact with the SDK, so please read this note carefully.
What’s changing On March 25, 2025, we will start making changes to our TLS configuration to stop supporting ciphers that are no longer considered secure. If your application is using older, low-strength ciphers to connect to the SDK, you (and your end users) will experience issues when using the SDK.
What do you need to do now? Please ensure your application can handle these changes before March 25, 2025. Here is everything you need to know to prepare:
What ciphers are considered secure? TLS1.3 secure ciphers:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Ciphers not listed above are no longer considered secure—and the Beefree SDK will no longer support them.
Which endpoints are impacted? While we’ll stop supporting insecure ciphers on all our API endpoints, we know that server-to-server connections are more likely to still rely on insecure ciphers. That’s why we encourage you to double-check your setup for the following crucial endpoints that are called in a server-to-server connection:
Auth endpoint: auth.getbee.io/ Content Services API endpoint: api.getbee.io/
Test endpoints to help you validate your setup We’ve set up two temporary endpoints with the TLS changes already applied that you can use to test against.
If any of your tests with the temporary endpoints fail, you’ll need to update your application to support the new TLS settings.
Please be aware that there is no expectation of uptime on these endpoints and that they will be shut down once we apply the TLS changes to our production endpoints. They should only be used for temporary testing of non-production traffic.
Timeline To further reduce the risk of TLS changes impacting our clients’ integrations, we’re also performing a brownout test before updating our TLS configuration permanently:
March 25, 2025, between 4pm-6pm CET Perform a “brownout” test, where we cut over to the new configuration for a short period of time in production: Auth endpoint: 1h brownout between 4pm and 5pm CET Content Services API endpoint: 2h brownout between 4pm and 6pm CET
Any customers still using insecure ciphers will experience issues during this timeboxed test — a final warning to take action before the final cutover. We don’t want you and your customers to run into any issues, so please ensure you use secure ciphers before this date.
April 8, 2025: Cut over production to new configuration permanently. We will also decommission temporary testing endpoints. If you have any questions, please reach out to us at pluginsupport@beefree.io.