There have been several SSL PTFs recently.
These have all been related to disabling SSLv2, SSLv3, and TLSv1.0, only
allowing TLSv1.1 or TLSv1.2.
Along with this is disabling SHA1 certs, using new SHA256 certs.
SHA1 certs will be expiring, and will not be able to be renewed.
If the remote device, whether be a desktop or sever, was using one of the
older versions and/or certs, and not updated for the new, this would
cause a failure.
We also had issues with 3rd party i5 products, still waiting for those
There are more changes scheduled for 2016.
We were just informed that if our credit card system is running TLSv1.0 on
7/1/2016, credit cards will stop working because the banks will no longer
be accepting TLSv1.0.
We are currently awaiting for the TLSv1.1 upgrade from Curbstone.
I now have a SSL socket trace running on a daily basis, monitoring all the
SSL versions and certs being used.