If your organisation submits or consumes information via OCIMF WebServices, please ensure that this message is passed to your IT department.

OCIMF is committed to security best practice, and this notification provides advance warning of two updates to OCIMF WebServices that may impact integrators:

Minimum Supported TLS Support

From 10 September 2018, OCIMF will be aligning our support for transport security protocols with PCI recommendations and ending support for the TLS 1.0 protocol for all connections to OCIMF systems, including OCIMF WebServices. This follows on from the end support for the use of OCIMF Websites with the TLS 1.0 protocol in June 2018 (announcement).

IP address changes for OCIMF WebServices

From 10 September 2018, OCIMF will be upgrading OCIMF's Production infrastructure and will no longer present a static IP address. Following the upgrade, all connections to the OCIMF production server must be made via the IP addresses returned by DNS lookup to api.ocimf.org (the full end-point URL is below).

https://api.ocimf.org/OcimfServices.asmx

It is unlikely this change will impact your integration however we advise you confirm that your security systems do not restrict connections to api.ocimf.org by IP Address.

Preparing for the changes

The above configuration updates are currently applied to the OCIMF WebServices Staging environment, the end-point URL is below,

https://staging-ws.ocimf.biz/OcimfServices.asmx

If you have any enquiries, please contact OCIMF’s Programmes Helpdesk Support at siresupport@ocimf.org or on +44 (0)203 856 7880.

Best regards
OCIMF Support