Skip to main content

TLS compatibility

Learn more about how Envoy works with TLS below.

Updated today

Important: Envoy no longer supports TLS v1.0 or v1.1. To continue securely accessing the Envoy dashboard and APIs, you must use TLS v1.2 or higher. As of 2019, older browser versions and systems that do not support TLS v1.2+ cannot connect to Envoy.

About TLS

Transport Layer Security (TLS) is the cryptographic protocol that secures your web connections. It encrypts the data sent between your browser and Envoy, ensuring privacy and protecting sensitive information like login details or payment data.

Outdated TLS versions

We’re committed to protecting your privacy and making Envoy as secure as possible. For this reason, we no longer support TLS v1.0 and v1.1

Current TLS versions

Envoy will support TLS v1.2 and TLS v1.3, which is considered the safest, most reliable method for transferring data online.

What you need to know

If you are using a modern browser, TLS v1.2 is already enabled by default. No action is needed.

If you’re on an older browser version, you may need to update your browser (or talk to your IT team) to continue using Envoy.

Check your setup:

Option 1: Online test

  1. Scroll to Protocol Features.

  2. Look for TLS 1.2 or TLS 1.3.

    1. If it says Yes in green, you’re good.

    2. If it says No, update your browser.

Option 2: Browser version check

  1. Find your browser name and version.

  2. Compare against your browser vendor’s TLS support documentation.

    1. If TLS 1.2/1.3 is supported by default, you’re all set.

    2. If not, update your browser or reach out to your IT team.

Note: Envoy does not formally endorse these sites. They are provided only as resources to help you check compatibility.

Microsoft Edge

Compatible by default

Desktop and mobile versions (Edge 79+, Chromium-based)

Compatible by default

Microsoft Internet Explorer (IE)

Compatible with the most recent browser version only

IE 11

Compatible by default (TLS 1.2, not TLS 1.3)

IE 10 and below

Not compatible

Mozilla Firefox

Compatible with the most recent browser version, regardless of operating system

Firefox 27 and higher

Compatible by default (TLS 1.2)

Firefox 63 and higher

Compatible by default (TLS 1.3 added)

Firefox 23 to 26

Capable, but not by default

Firefox 22 and below

Not compatible with TLS 1.2

Google Chrome

Compatible with the most recent browser version, regardless of operating system

Chrome 38 and higher

Compatible by default (TLS 1.2)

Chrome 70 and higher

Compatible by default (TLS 1.3 added)

Chrome 22 to 37

Capable, but not by default (requires newer OS support)

Chrome 21 and below

Not compatible with TLS 1.2

Apple Safari (macOS)

Compatible with the most recent browser version, regardless of operating system

Safari 7 and higher (OS X 10.9+)

Compatible by default (TLS 1.2)

Safari 12.1 and higher (macOS Mojave+)

Compatible by default (TLS 1.3)

Safari 6 and below (OS X 10.8 and earlier)

Not compatible with TLS 1.2

Apple Safari (iOS / iPadOS)

Compatible with the most recent browser version, regardless of operating system

iOS 5 and higher (Mobile Safari 5+)

Compatible by default (TLS 1.2)

iOS 12.2 and higher

Compatible by default (TLS 1.3)

iOS 4 and below

Not compatible with TLS 1.2

Android Browser / WebView

Compatible with the most recent browser version, regardless of operating system

Android 5.0 (Lollipop) and higher

Compatible by default (TLS 1.2)

Android 10 and higher

Compatible by default (TLS 1.3)

Android 4.4

Capable, but not by default

Android 4.3 and below

Not compatible with TLS 1.2

API clients and integrations

If you connect to Envoy through APIs or integrations, make sure your client libraries and servers also support TLS v1.2 or v1.3:

  • Envoy APIs: Any API client must support TLS v1.2/1.3 to upload employee directories or access account data.

  • Active Directory integration:

    • Ensure your servers are configured for TLS v1.2/1.3 by default.

    • Envoy’s provided Active Directory PowerShell script has been updated to force TLS v1.2. Look for the “# Force TLS 1.2” comment in the code. Learn more about our Active Directory integration.

Did this answer your question?