TLS Updates

To maintain the highest security standards for both browser-based and server-to-server connections, we will enable TLS 1.3 on the endpoints listed below. This enhancement is optional and will supplement the existing TLS 1.2 support, which will remain in place with no plans for removal.

The changes will be implemented on the following dates and endpoint URLs:

Testing environment

: May 26, 2026

Production environment

: June 2, 2026

Please contact your Customer Support representatives for any questions you may have about this change.

In alignment with new CA/Browser Forum regulations, the maximum TLS certificate lifetime will be reduced gradually as follows:

• From today until March 15, 2026, the maximum lifetime for a TLS certificate is 398 days.

• March 15, 2026, the maximum lifetime for a TLS certificate will be 200 days.

• March 15, 2027, the maximum lifetime for a TLS certificate will be 100 days.

• March 15, 2029, the maximum lifetime for a TLS certificate will be 47 days.

For more information about the TLS certificate lifetime changes, please visit the following link:

Server level (leaf) SSL/TLS certificates issued by Cybersource will remain valid until their scheduled expiration. Server level (leaf) TLS certificates have shorter lifespans and must be reissued more frequently. Cybersource therefore recommends that clients trust the root certificate instead.

We continue to recommend trusting the Root TLS certificates for all secure endpoints. This approach removes the need for periodic renewal of server level certificates and helps prevent connection failures caused by expired leaf certificates.

Contact your server administrator or your network support team.

Be sure that you continue to trust the root certificate to maintain connectivity with supported endpoints. You can download the root certificate here:

Please contact your Customer Support representatives for any questions you may have about this change.