As communicated in January 2022, D2L would be disabling support for any TLS encryption protocols less than 1.2.
What has been completed:
All customer test (non-production) instances have been updated to support TLS 1.2
All customer production instances have been updated to support TLS 1.2
Who should I contact if I experience any issues:
Please contact D2L’s support team
We will be disabling the TLS 1.1 encryption protocols by the end of July 2022. This will prevent anyone still using TLS 1.1 from accessing all their D2L services.?
While we are allowing time for impact assessment, D2L recommends migration to TLS1.2 as quickly as possible in advance of the July 2022 deprecation date. Note that higher versions of TLS (ie: TLS 1.3) are NOT supported.
It is important to note that Brightspace compatible browsers and up-to-date operating systems should already support TLS v1.2.
What is TLS?
TLS stands for “Transport Layer Security.” It’s a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification.
Why is this happening?
At D2L, Trust is our #1 value and D2L is focused on continually helping you improve your security by using the latest security protocols.? To align with industry best practices, D2L will require TLS 1.2 encryption protocol in an effort to maintain the highest security standards and promote the safety of client data.
Industry recognized standard, Internet Engineering Task Force (IETF) officially deprecated TLS 1.1 in March 2021 (Information on RFC 8996 » RFC Editor ).
Why is TLS 1.1 no longer being supported?
TLS 1.1 is an out-of-date protocol that does not support modern cryptographic algorithms, and contains security vulnerabilities that may be exploited by attackers.
How will I be impacted??
If you do not support TLS 1.2, any inbound connections to or outbound connections from the D2L instance that rely on any TLS version less than 1.2 will fail to connect.
See this page for web browser compatibility with TLS 1.2 or above.
When is this happening?
Deprecation will be completed by the end of July 2022.
As of Aug 1st 2022, D2L services will not support TLS 1.1 browser connections.
What action do I need to take?
The action required by your organization to avoid a service disruption will depend on which channels are used to access your D2L instance as well as which D2L services are in use by your organization.
For end-user web browsing please upgrade to a Brightspace compatible version of your browser of choice. TLS 1.2 has been supported for a number of years and can be validated by going to and reviewing the Protocol.
Figure: Protocol Features for TLS.
For all third party integrations please work with your Information Technology team and software vendors to determine if there will be any impact to your organization and identify the necessary steps to remediate. This includes integrations with Student Information Systems or Identity Management Systems integrating with Brightspace. Once your organization has taken all the necessary steps and upgraded these tools to use TLS 1.2, you will need to validate that your integrations continue to function. D2L is unable to perform any necessary testing for your integrations but ensures that TLS 1.2 is supported today for you to test against.
Applications that have been built using the Brightspace API should be reviewed. Using the Manage Extensibility tool you will find a list of applications that have been approved to retrieve or send data to Brightspace.? You will need to speak to the developers of those applications and coordinate the upgrades that may be required.
Can this be applied to my test site first?
Unfortunately, for technical reasons, we are not able to schedule disabling TLS 1.1 on test sites separately from production sites. They will all be updated at the same time.
Who can I reach out to if I have further questions??
Please review the article and post any questions you have in the community. https://www.ssllabs.com/ssltest/viewMyClient.html