10th April 2024 – Planned Essential Maintenance
On Wednesday 10th April 2024 essential maintenance will be taking place from 10:00 – 12:00 UTC +1 (BST). During this maintenance window, connections may be reset and users may need to re-connect.
gTLD:
- EPP
EPP SSL Re-hardening
We have for some time required all connections to our gTLD EPP services to use a valid client-side SSL certificate issued by a major vendor – with enforcement by our load balancer. A bug in the firmware of our load balancer resulted in client certificates not being validated. We have since upgraded the firmware to fix this bug, but we turned off this validation on the production environment when doing so to enable us to re-announce the enforcement and minimise the likelihood of any issues.
We will re-enable validation of client-side certificates in Production environment for gTLD registries.
gTLD platform – EPP IP allow list hardening
EPP connections on our gTLD platform must come from IP addresses listed on our IP allow list. The IP allow lists are updated on a per accreditation basis in online services by registrars. To check which details you have added to the allow list in each account choose ‘gTLD settings’ and then review the IP lists per registry. If a connection to EPP is attempted via an IP address which is not on the allow list for the specific accreditation, it will result in an authentication error (result code 2200) when attempting to login to EPP. Our Testbed and OT&E environments have this enabled.
We will harden this implementation to tie the IP allow list to the specific accreditation(s) username that the IP is listed against in online services.
If you have any questions or experience any unusual behaviour after the changes are implemented, please contact our customer support team at [email protected].
Share this:
Minerva House, Edmund Halley Road, Oxford Science Park, OX4 4DQ, United Kingdom