Update: Apple has pushed back its deadline for enforcing App Transport Security (ATS) on applications. This allows all Kayako customers a little more time to get their servers ready for ATS, we have pushed back the deadline for our update to match Apple. We still highly recommend all download customers start the process for SSL and TLS support now.
On January 1st, 2017, we will be publishing a new version of our iOS application for our Kayako Classic customers. One of the big changes is that HTTPS/SSL will be required in order to run this application, because of Apple's new policies on keeping customer information safe.
What are we changing?
To keep customer information secure, Apple will require all apps to enforce App Transport Security (ATS) by 2017. ATS works by forcing all connections to use HTTPS, rather than non-secure HTTP.
In preparation for this change, we will be enabling ATS for the Kayako Classic iOS app in our January release.
What does this mean for you?
In order to continue to use the Kayako iOS application you will need to ensure your Kayako Classic meets two new requirements:
Your Kayako Classic domain — whether you're running OnDemand or Download — must be using HTTPS.
If you're self-hosting Kayako Classic, your web server must support TLS version 1.2.
If your Kayako Classic domain is already using HTTPS and your web server is using TLS 1.2, then you won't see any difference and the iOS app will continue to work as usual.
If your Kayako Classic domain has not yet been configured for access using HTTPS or your web server does not support TLS version 1.2, the new iOS application will fail to connect, after the January 1 release.
To continue using the Kayako Classic iOS app, we recommend that you configure SSL for your Kayako domain to both provide better security to your Kayako account and continue access to the iOS app.
I’m a Kayako Classic OnDemand customer – how do I enable HTTPS?
If you are a Kayako Classic OnDemand customer and do not use a custom domain, you do not need to take any action. If however, you wish to move to HTTPS for increased security, please contact our support staff and we can arrange the transition for you.
If you are using a custom domain, you will need to acquire an SSL certificate and add our Custom Domain SSL package to your account. You can find more information here: Using Custom SSL Certificates with OnDemand
I’m a Kayako Classic Download customer – how do I enable HTTPS?
You will need to acquire and install an SSL certificate, and ensure that your web server hosting Kayako is configured to accept TLS version 1.2 only. (SSL versions 1, 2, or 3 and TLS version 1.1 will not work with ATS.) You will then need to sign into the admin control panel, and update the Helpdesk base URL on the 'Settings: General' page.
What if I cannot change my Kayako domain to use HTTPS?
If you're running into problems updating your Kayako domain to use HTTPS, please contact support. Any Kayako domain should be capable of using HTTPS, so we should be able to coach you through it. Please note that if you don't update your domain to use HTTPS, you will not be able to use the updated Kayako iOS application.
What if I cannot enable TLS version 1.2 on my web server?
If you're having a hard time enabling TLS version 1.2 on your web server, please contact support. Any modern web server should be able to fully support TLS version 1.2, and we can help you get set up. Please note that if you don't update your web server, you will not be able to use the new Kayako iOS application.
If you are not sure if your webserver supports using TLS version 1.2, you can use a free service to check