Chartbeat is committed to enhancing security and maintaining compliance with the latest industry standards. Soon we will be updating our policies regarding the use of Transport Layer Security (TLS) versions and cipher suites across our systems.
What's happening?
We will be depreciating support for TLS versions 1.0 and 1.1 and older, less secure cipher suites.
Effective October 1st, 2024, only TLS version 1.2 and higher will be supported for all encrypted connections. The supported TLS Ciphers are:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-GCM-SHA384
When will this change take place?
The changes will be made on October 1st, 2024.
How will this impact me?
Visitors to your site who are using browsers with outdated TLS and Cipher versions will no longer be tracked by Chartbeat. From our analysis, we expect the impact on customers’ traffic data to be statistically insignificant as these visitor sessions make up less than 0.001% of total website views for the vast majority of publisher sites in our network.
In addition, any API calls being made to api.chartbeat.com with outdated TLS and Cipher versions will no longer work.
What action do I need to take?
In order to continue uninterrupted service to the Chartbeat API, ensure that all your requests to our API endpoints at api.chartbeat.com are made using the supported TLS and Cipher versions listed above.
Please reach out to support@chartbeat.com if you have any further questions. We appreciate your support and understanding as we make these updates to keep your data secure and Chartbeat running smoothly.