Technical Notice

Reminder - TLS Upgrade

March 1, 2018

Effective Monday, March 12, 2018, the FINRA TRACE, ADF and ORF Web API reference data downloads will no longer be accessible using the Transport Layer Security (TLS) 1.0 protocol. FINRA will disable TLS 1.0, and firms using that protocol will not be able to establish connectivity to FINRA’s secure web servers to download the files. To gain access to the FINRA API reference data downloads, firms must migrate to TLS versions 1.1 or 1.2 by March 12, 2018.

The protocols and cipher suites listed below will be the only supported ciphers and protocols by the API reference data downloads and the FINRA TRAQS website.

Cipher Suites

# TLS 1.2 (suites in server-preferred order)

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

# TLS 1.1 (suites in server-preferred order)

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

NOTE: TRAQS users should also ensure their browsers currently support TLS versions 1.1 or 1.2. Any TRAQS user attempting to login whose browser only supports the TLS 1.0 protocol will be denied service.

Questions regarding this notice should be forwarded to FINRA Product Management or call (866) 899-2107.