Canada Post Shipping SSL Updates

On Monday, June 25, 2018, as part of our efforts to protect your applications and ours, we will be updating our SSL certificates for soa-gw.canadapost.ca , This change should have no impact to you, unless you are pinning the SSL certificate, but we wanted to provide advance notice.

SSL certificate pinning means keeping a copy of the certificate locally for verification, we strongly discourage this as it will result in service disruption upon every certificate change. It is strongly recommended to allow appropriate certificate chain validation to occur at runtime instead.

Along with this change, we will also be disabling support for TLS 1.0. This change will cause any legacy environments not supporting TLS 1.1 or greater to fail with no path forward and no workaround. Examples of these would be Windows XP-based environments or development platforms built on .Net 3.5 or before. It also includes Windows Vista SP2 and Windows Server 2008 SP2.

This change has already been implement in the development environment ( ct.soa-gw.canadapost.ca ). We strongly encourage you to validate your systems against the development endpoints.

Please use the Developer Forum if you encounter any issues so that we can help you work through them.