Announcement

Collapse
No announcement yet.

Betfair API Login - TLS 1.2 - from 19th February 2019

Collapse
This is a sticky topic.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

    Betfair API Login - TLS 1.2 - from 19th February 2019

    Please be aware that from - 19th February, the only protocol for securing the communication between Betfair servers and web browsers at login will be TLS 1.2. Older versions (TLS.1.0, TLS.1.1 or SSLv3) will no longer work.

    Although we don't expect this to have an impact on API clients we'd recommend that you refer to the following resources depending on your programming language/framework to confirm that your using TLS 1.2 or above:

    Overview of Application’s & Adoption - https://en.wikipedia.org/wiki/Transp...s_and_adoption

    .NET - https://docs.microsoft.com/en-us/dot...rogramming/tls

    Java - http://www.ateam-oracle.com/tls-and-java/

    PHP - http://php.net/manual/en/migration56.openssl.php

    Python - https://docs.python.org/2/library/ssl.html

    Kind Regards

    Betfair Developer Program
    Last edited by BetfairDeveloperProgram; 06-02-2019, 07:29 AM. Reason: Updated release date from 7th Feb to 19th Feb

    #2
    Hi there
    my question is this - I got the non interactive login going using python about a year or so ago. I set up using your instructions on the forum
    I used the python sample code
    can you update the tutorial to reflect these changes or am I totally missing the point here
    thanks
    Clive

    Comment


      #3
      could you please refresh the sample code for c#, dont understand which code to change
      thank you

      Comment


        #4
        Hi

        I had ignored this announcement too until today as I assumed Betfair were just killing off some really old legacy protocol. Wrong !! I discovered I couldnt login today either.

        I had pretty much just copied and pasted Betfairs sample login code so my understanding of it isnt great. Anyways it should hopefully be simple for you to fix, basically you just need to recompile your Application but target .NET Version 4.7. This allows the OS to pick which TLS version it uses, so presumably my Win10 is now choosing TLS V1.2 rather than V1.1 before my recompile. All working fine now after switching to .NET Framework 4.7

        Regards Geoff

        Comment


          #5
          Originally posted by maxspeed View Post
          could you please refresh the sample code for c#, dont understand which code to change
          thank you
          ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
          Just add this line to your program.

          Comment


            #6
            Thanks WT, you've saved my life! A pity simple solutions like this aren't publicized by BF when they make these edicts

            Comment


              #7
              Originally posted by WTPooh View Post

              ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
              Just add this line to your program.
              Thank you so much! It works great!

              Comment


                #8
                Hi,
                I am having a problem with the new TLS protocol.

                Firstly, I have no problem with logging in, I can use all the functions like getting prices, placing bets etc, everything EXCEPT Logout.

                The code for logging out is identical to all the other functions that work fine except when I call logout I get an error SSL3 GET_Record wrong version number.

                The code logs out by calling httpClient.Get('https://identitysso.betfair.com/api/logout') ;

                everything else works and I didn't need to change anything. It seems that windows 10 selects the correct SSL protocol, so why doesn't the log out work?

                Kind Reagrsd
                OzPunter

                Comment


                  #9
                  In relation to the new TLS 1.2 protocol the choices I have for the INDY HTTPClient are

                  sslvSSLv2
                  sslvSSLv23
                  sslvSSLv3
                  sslvTLSv1
                  sslvTLSv1_1
                  sslvTLSv1_2

                  I've tried every setting and the ALL Fail..

                  Does anyone know how to set the Indy HTTPCLIENT to a setting that Betfair servers accept?

                  httpClient.Request.CustomHeaders.Add('X-Application:' + App_Key ) ;
                  sslIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil) ;
                  sslIOHandler.SSLOptions.Method := sslvTLSv1_2;
                  sslIOHandler.SSLOptions.SSLVersions := [sslvTLSv1_2];
                  httpClient.IOHandler := sslIOHandler ;
                  Response := httpClient.Get('https://identitysso.betfair.com/api/logout') ; < --- This line Fails

                  There is lots of chatter on the internet about the SSL3_GET_RECORD: Wrong Version Number error, many suggest that Wireshark shows it as a server problem.

                  I have searched for a solution and have drawn a blank, I don't know if its a server issue or not, but I can say its frustrating..

                  OzPunter

                  Comment


                    #10
                    I think I've solved the problem,, (Possibly)

                    I found this site https://indy.fulgan.com/SSL/ and downloaded the two DLL's, (libeay32.dll and ssleay32.dll) then installed the two .DLL's into my windows system path and the fault stopped occurring..

                    I have only briefly tested the code but it's looking promising..

                    Regards
                    OzPunter

                    Comment


                      #11
                      Originally posted by OzPunter View Post
                      I think I've solved the problem,, (Possibly)

                      I found this site https://indy.fulgan.com/SSL/ and downloaded the two DLL's, (libeay32.dll and ssleay32.dll) then installed the two .DLL's into my windows system path and the fault stopped occurring..

                      I have only briefly tested the code but it's looking promising..

                      Regards
                      OzPunter
                      That site looks official.. good luck

                      Comment


                        #12
                        Problem solved.. When all else fails check the obvious. (Always the last thing to do) I updated libeay32.dll and ssleay32.dll from https://indy.fulgan.com/SSL/ and all is well. I did check the dates on my original files they were dated 2018 so I figured they were the latest, no so apparently.

                        If anyone else is having this problem, do this first instead of (like me), last.

                        Kind Regards
                        OzPunter

                        Comment


                          #13
                          Originally posted by OzPunter View Post
                          Problem solved.. When all else fails check the obvious. (Always the last thing to do) I updated libeay32.dll and ssleay32.dll from https://indy.fulgan.com/SSL/ and all is well. I did check the dates on my original files they were dated 2018 so I figured they were the latest, no so apparently.

                          If anyone else is having this problem, do this first instead of (like me), last.

                          Kind Regards
                          OzPunter
                          If you're doing that you must have a problem with your Windows installation, there maybe other issues that you don't know about.
                          Conduct a full malware Scan of your PC, make sure your Windows is uptodate ect.

                          Comment


                            #14
                            Thanks for the helpful advice LetsGo, but I scan my computer regularly and kill off anything suspicious. I did check the .dll's and because the dates were 2018, I assumed [erk] that they were the current versions. The problem stopped immediately I downloaded the new .dll's. I was in a bit of a panic because I have several programs that use the BF API and I was visioning complete failure. Apparently only the Login, Logout & Keep alive functions were affected. Its strange that my Logout was the only function affected but my KeepAlive function went merrily on. The login uses the interactive (web) login so that always worked.

                            Thanks for your concern LetsGo, helpful advice.

                            Kind Regards
                            OzPunter

                            Comment


                              #15
                              What do I have to change in VB.NET. I can no longer log in

                              Comment

                              Working...
                              X