Loading

Direct 2.0
Collapse

Dun & Bradstreet’s Online Services Security Enhancement

As part of our ongoing effort to deliver indispensable content through modern channels, Dun & Bradstreet has enhanced the security of our Online Products and Services.

To adhere with Industry best practices for security and data integrity, Direct 2.0 and Direct Onboard API’s has disabled support for Transport Layer Security (TLS) 1.0 and 1.1. The supported Cipher Suites were revised to remove weak ones and leave the following as the only supported set:

Cipher Suites supported sets:

RFC NameOpenSSL Name
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256ECDHE-RSA-AES128-GCM-SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384DHE-RSA-AES256-GCM-SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256DHE-RSA-AES128-GCM-SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384ECDHE-RSA-AES256-SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256ECDHE-RSA-AES128-SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAECDHE-RSA-AES256-SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAECDHE-RSA-AES128-SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256DHE-RSA-AES256-SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256DHE-RSA-AES128-SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHADHE-RSA-AES256-SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHADHE-RSA-AES128-SHA

Customers must ensure that their Application Program Interface (API) support TLS 1.2, the HTTPS protocol must support at least one of our supported Cipher Suites, by December 14, 2018. After that date, we disabled the TLS 1.0, TLS 1.1, HTTP protocols, and encryption.

Customer Impact

Those who are still using the older protocols after December 14, 2018 are prevented from accessing the noted products, applications, and services. Connections to or from a customer’s API or web browser that rely on the older protocols will fail. The disruption of service may include failure to connect, inability to send/receive data and/or files, and/or inability to log into their Dun & Bradstreet products and services.

What Actions You Need to Take

Customers are required to always use TLS v1.2 when connecting to Dun & Bradstreet APIs.

D&B Direct Customers can test their connections using one of the following links:

Please contact your company’s Technical Support Team for more information and assistance.

What if I need more information or support?

We have attached a Frequently Asked Question (FAQ) document for your reference. For additional support, please contact the D&B Customer Support Team directly at 1.866.465.3829. You can also open a support request at any time by visiting our support website.