Update June 1st 5:10pm EDT
Update; We will be extending the deadline, TLS 1.0 and 1.1 should be able to connect again. I will share more information when I have a specific date. However, this date will be before June 30th 2018, as that is the global deprecation date, after which you will not be PCI Compliant.
The extended deadline is June 20th, 2018.
As part of our commitment to providing a safe and secure platform, as of May 31, 2018, Shopify will be halting support for outdated TLS 1.0 and 1.1 security protocols.
Why is Shopify making this change?
This update is being made in accordance with new regulations set by the Payment Card Industry Data Security Standard (PCI). To read the official statement from PCI on TLS 1.0, click here.
What action am I required to make?
In order for your app to continue to be function on Shopify, you will need to ensure that your applications are able to connect with our APIs using TLS 1.2. If your app only supports TLS 1.0 or 1.1, you will need to upgrade it to 1.2 by May 31st, 2018.
Shopify Apps Team
@Jack @Paul: There is a subscribe button in the API Changes forum. Once you're subscribed you'll receive a mail whenever there are any updates: https://ecommerce.shopify.com/c/api-announcements/t/api-announcements-forum-subscribe-to-stay-up-to-...
Given the short notice, can Shopify provide a test endpoint that only supports TLS1.2 so app developers can test against it for compliance before the deadline? The test endpoint can reply back whether the connection is TLS1.2 compliant or not.
Otherwise quite a bit of scrambling will happen on the cutover date which can be avoided by allowing app developers to test ahead of time.
I think it is a fair request. Ideally the test endpoint should not require any api permissions to connect.
Thanks to the apps team for looking into providing a test endpoint. That would be the best option for developers to be 100% sure of compliance ahead of the deadline.
In the meantime, please share some of the tools outside of Shopify domain to test TLS 1.2 compliance that you mentioned in your reply. It will be useful for anyone following this thread.
One great tool is https://www.ssllabs.com/ssltest/ for testing your web server. If you prefer to run your scans locally there are great open source tools such as https://github.com/prbinu/tls-scan. Many more are available if these don't fit your specific case, just a quick search away!