Securing data in transport
Scanning API receiver URLs must use a TLS-enabled HTTPS URL located on a public server with a valid SSL certificate.
HTTP deprecation notice
As part of Cisco Meraki's efforts to continually improve our platform and enable customers to securely deploy Meraki networks, an update is being implemented to the Scanning API and webhook services and configuration options.
What is changing?
Beginning May 22nd, 2019 Meraki will require all newly-configured receivers to use HTTPS and will no longer support configuring non-HTTPS receivers. All currently active Scanning API and Webhook services have until August 20, 2019 to upgrade receiver(s) configurations to HTTPS (SSL/TLS).
Will existing receivers stop working?
The option to use non-secure receivers will end on August 20, 2019, after which all active non-HTTPS receivers will be disabled. All newly configured receivers will be required to use HTTPS (SSL/TLS). In order to avoid any impact to services and applications using the Scanning and/or Webhooks API, please make these changes on or before August 20, 2019. If you have not made the required changes by August 20, 2019 we will stop sending data to any remaining HTTP receivers.
Are self-signed SSL/TLS certificates supported?
Self-signed certificates are not supported for scanning API. The receiving web server must have a valid SSL/TLS certificate, signed by a globally trusted certificate authority (CA).
Need a certificate?
Consider one of these free or low-cost solutions for obtaining a certificate:
- Let's Encrypt - Free SSL certificates
- ngrok - Instant local secure proxy, ideal for development.