Hi there, I am working on an app which is based on python27 and deployed on Google App Engine (Standard env). The app basically exposes most of its functionalities via REST APIs. And there are lot of customers who have integrated these APIs in their platforms.
I just ran a security scan of the app and found out that it is still supporting TLS1.0. By reading on it a bit, I found out that Google front end has intentionally supported the old versions of TLS in order to make the apps work with every client side browsers (or for backward compatibility). I have also figured out the way to disable the old versions of TLS for the app (that would be by contacting Google Support). However, before doing so I would like to know which of the customers are using TLS1.0 for communicating to the app so that I can give heads up to those customers and not to break them unexpectedly (because after Google has disabled the TLS1.0 for the app the customers who are using TLS1.0 won't be able to access the app). I have already went through the Stack Driver logs to see if it can provide any information about TLS versions with each API call being made to the app but it does not have such information. So, is there any way to figure out which API calls are being made with TLS1.0? From the API calls logs I can figure out customers. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-appengine+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/39b7e5e7-10cf-4404-8248-b61046af341d%40googlegroups.com.
