Basic information
We would like to inform you that from June 3, 2024, we plan to disable support for the TLS protocol in versions 1.0 and 1.1 on our website, which, in accordance with applicable recommendations is no longer safe.
After implementing the recommendations, our websites will support the TLS protocol only in versions 1.2 and 1.3.
Disabling TLS in versions 1.0 and 1.1 may have a negative impact for our clients who use old (no longer supported) versions of operating systems such as Windows Server 2008 R2 and frameworks such as .NET 3.5 and earlier.
Addresses of temporary testing sites
Therefore, in order for you to be able to verify whether after disabling the above-mentioned TLS version, your systems will communicate correctly with our website, we have launched it temporary test site, thanks to which you can check whether your systems are ready to support TLS versions 1.2 and 1.3. Addresses of issued proxy services:
- https://www.nip24.pl:8443/api – production environment
- https://www.nip24.pl:8443/api-test - testing environment
Attention! After production implementation, i.e. June 3, 2024, temporary test services for both environments will be off.
Libraries updated from the latest version
We strongly recommend that you update our libraries used in your systems when testing compliance with TLS 1.2 and 1.3. The latest versions of the libraries are always available on the website Download. Below is a list of libraries and their latest versions:
- Microsoft .NET library (C#, Visual Basic, SQL Server, Access, Dynamics, FoxPro and others) v1.4.8
- Java library v1.4.0
- PHP library v1.4.0
- JavaScript library (Node.js/Web) v 1.3.1
- C/C++ library v1.3.9
- Python library v1.4.0
Library configuration for compatibility testing
In each of the libraries, it is possible to explicitly set a custom API address. Below are examples for each of the libraries.
C# (.NET)
For the test environment:
NIP24Client nip24 = new NIP24Client();
nip24.URL = "https://www.nip24.pl:8443/api-test";
For production environment:
NIP24Client nip24 = new NIP24Client("id", "key");
nip24.URL = "https://www.nip24.pl:8443/api";
C/C++
For the test environment:
NIP24Client* nip24;
nip24_new(&nip24, "https://www.nip24.pl:8443/api-test", NIP24_TEST_ID, NIP24_TEST_KEY);
For production environment:
NIP24Client* nip24;
nip24_new(&nip24, "https://www.nip24.pl:8443/api", "id", "key");
Java
For the test environment:
NIP24Client nip24 = new NIP24Client();
nip24.setURL(new URL("https://www.nip24.pl:8443/api-test"));
For production environment:
NIP24Client nip24 = new NIP24Client("id", "key");
nip24.setURL(new URL("https://www.nip24.pl:8443/api"));
Javascript
For the test environment:
const nip24 = new NIP24.NIP24Client();
nip24.setURL('https://www.nip24.pl:8443/api-test');
For production environment:
const nip24 = new NIP24.NIP24Client('id', 'key');
nip24.setURL('https://www.nip24.pl:8443/api');
PHP
For the test environment:
$nip24 = new \NIP24\NIP24Client();
$nip24->setURL('https://www.nip24.pl:8443/api-test');
For production environment:
$nip24 = new \NIP24\NIP24Client('id', 'key');
$nip24->setURL('https://www.nip24.pl:8443/api');
Python
For the test environment:
nip24 = NIP24Client()
nip24.setURL('https://www.nip24.pl:8443/api-test');
For production environment:
nip24 = NIP24Client('id', 'key')
nip24.setURL('https://www.nip24.pl:8443/api');
Supported protocols and algorithms
Ultimately, after the update, our website will support the following protocols and algorithms:
SSL/TLS Protocols: SSLv2 disabled SSLv3 disabled TLSv1.0 disabled TLSv1.1 disabled TLSv1.2 enabled TLSv1.3 enabled TLS Fallback SCSV: Server supports TLS Fallback SCSV TLS renegotiation: Session renegotiation not supported TLS Compression: Compression disabled Supported Server Cipher( s): Preferred TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve 25519 DHE 253 Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256 Curve 25519 DHE 253 Accepted TLSv1.3 128 bits TLS_AES_128_GCM _SHA256 Curve 25519 DHE 253 Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM- SHA384 Curve 25519 DHE 253 Accepted TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305 Curve 25519 DHE 253 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve 25519 DHE 253 Accepted TLSv1.2 2 56 bits ECDHE-RSA -AES256-SHA384 Curve 25519 DHE 253 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve 25519 DHE 253 Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve 25519 DHE 253 Accepted TLSv1.2 128 bits ECDHE- RSA-AES128-SHA Curve 25519 DHE 253 Accepted TLSv1.2 256 bits AES256-GCM-SHA384 Accepted TLSv1.2 128 bits AES128-GCM-SHA256 Accepted TLSv1.2 256 bits AES256-SHA256 Accepted TLSv1.2 128 bits AES12 8-SHA256 Accepted TLSv1.2 256 bits AES256-SHA Accepted TLSv1.2 128 bits AES128-SHA Server Key Exchange Group(s): TLSv1.3 128 bits secp256r1 (NIST P-256) TLSv1.3 192 bits secp384r1 (NIST P-384) TLSv1 .3 260 bits secp521r1 (NIST P-521) TLSv1.3 128 bits x25519 TLSv1.3 224 bits x448 TLSv1.3 112 bits ffdhe2048 TLSv1.3 128 bits ffdhe3072 TLSv1.3 150 bits ffdhe4096 TLSv1 .3 175 bits ffdhe6144 TLSv1.3 192 bits ffdhe8192 TLSv1.2 128 bits secp256r1 (NIST P-256) TLSv1.2 192 bits secp384r1 (NIST P-384) TLSv1.2 260 bits secp521r1 (NIST P-521) TLSv1.2 128 bits x25519 TLSv1. 2,224 bits x448 SSL Certificate: Signature Algorithm: sha256WithRSAEncryption RSA Key Strength: 2048 Subject: nip24.pl Altnames: DNS:nip24.pl, DNS:www.nip24.pl
If any problems occur, please send us a message at: kontakt@nip24.pl
In the message you send to us, please do not forget to provide the following information:
- environment in which the test was performed [TST / PRD]
- the exact date and time of the query
- content of the inquiry (NIP/REGON/KRS number)
- API key ID (only if testing in PRD environment)
nip24.pl team