In order to ensure that we provide the highest level of security for our customers we need to segregate traffic between players that support the latest more secure standards from those that do not, this is to ensure that those players that support the more secure standards can only connect using those.
What do you need to update?
The specific URLs which will need to be added to your firewall whitelist for this purpose (in addition to the previous URLs here https://support.signagelive.com/hc/en-us/articles/115000153131--How-to-connect-Players-to-Signagelive-on-a-secure-network:
nena-playerapi.signagelive.com
nena-smilapi.signagelive.com
nena-go.signagelive.com
nena-m2m.signagelive.com
nena-playerdataapi.signagelive.com
nena-screenshotuploadapi.signagelive.com
nena-roombookingapi.signagelive.com
nena-wbtapi.signagelive.com
nena-weatherapi.signagelive.com
nena-static.signagelive.com
IP addresses to add
134.213.79.62
We will begin rolling out these changes from the 5th of April 2021 until the 10th of May 2021 across devices. The full timetable can be seen here:
TLS Timetable Programme :
Please note: These times have been updated from the previous timetable to allow additional time for those who still need to update their URLs.
The schedule has therefore changed from:
1/3/2021 | Notification | SMIL Update notice |
8/3/2021 | Update | Update SMIL DNS |
15/3/2021 | Notification | Legacy PC Update notice |
22/3/2021 | Update | Update Legacy PC App |
29/3/2021 | Notification | Final notice of change |
5/4/2021 | Update | Switch TLS 1.0 and TLS 1.1 Off on UI and API |
to:
TLS 1.0 Migration |
|
|
Date w/c | Action Type | Action |
2/11/2020 | Notification | 1st notice of change |
9/11/2020 |
|
|
16/11/2020 |
|
|
23/11/2020 | Notification | 2nd notice of change |
30/11/2020 |
|
|
7/12/2020 |
|
|
14/12/2020 | Notification | 3rd notice of change |
21/12/2020 |
|
|
28/12/2020 |
|
|
4/1/2021 | Notification | SSSP Update Notice |
11/1/2021 | Update | Update SSSP D & E |
18/1/2021 | Notification | LG, SMIL and Legacy PC Update notices |
25/1/2021 | Update | Update LG |
1/2/2021 | Notification | 4th notice of change |
8/2/2021 | Notification | Philips Update notice |
15/2/2021 | Update | Update Philips |
22/2/2021 | Notification | 5th notice of change |
5/4/2021 | Notification | SMIL Update notice |
12/4/2021 | Update | Update SMIL DNS |
19/4/2021 | Notification | Legacy PC Update notice |
26/4/2021 | Update | Update Legacy PC App |
3/5/2021 | Notification | Final notice of change |
10/5/2021 | Update | Switch TLS 1.0 and TLS 1.1 Off on UI and API |
If you are using a modern web browser to manage your network you will already be using TLS 1.2 or 1.3 by default and most media player families are also unaffected, however, the following media player families will be affected by this change:
Samsung C, D and E Series (not Tizen)
LG webOS webOS 1.0 and 2.0
Philips (D line running Android 4.4)
Legacy PC Client (.NET Framework Client not Electron Client)
SMIL
We will be updating the affected clients to use the new endpoint according to the schedule above however so that you have plenty of time to make the required changes we will automatically failback to the original endpoint that is already whitelisted so you will not lose connectivity if you have not yet whitelisted the new endpoint until we finally disable TLS 1.0 and 1.1. We will be tracking which media players are connecting using which endpoint and contacting you directly as we near the cut-off date to ensure we are able to migrate the traffic.