PowerSchool Mobile Upcoming Security Update for Self-Hosted PowerSchool SIS Customers
Dear valued PowerSchool Customer,
PowerSchool is committed to providing the highest quality products and services to our K-12 education customers. For PowerSchool to continue providing the highest quality support, we are notifying you of upcoming changes to our PowerSchool SIS Mobile application that may impact your Parent and Student users.
This announcement serves as an early notice that the PowerSchool SIS Mobile team will be releasing a security update to the PowerSchool Mobile app on September 4th, 2020 that will discontinue support for PowerSchool Mobile SIS self-hosted customers with any of the following environment configurations:
No Secure Sockets Layer (SSL) on your PowerSchool SIS server (http server address).
An insecure SSL configuration or expired SSL certificate on your PowerSchool SIS server.
A deprecated Transport Layer Security (TLS) version on your PowerSchool SIS server (minimum supported TLS version is 1.2).
Mobile App SSL is not enabled on your PowerSchool SIS Mobile Registration Page
Misconfigured settings on your PowerSchool SIS Global Server Settings Page
There are a few key items that can be done or checked by a District Administrator to ensure your users are not impacted by the upcoming security change.
Verify your current SSL and TLS settings by entering your PowerSchool server URL hostname on the Qualys SSL Labs website. The test results will inform you of your current TLS version and provide details on your SSL configuration.
If you receive any errors we recommend you contact your SSL provider to resolve such errors. Some example errors are shared below that must be resolved in order for your users to continue the use of the PowerSchool Mobile app.
Your server must support TLS version is 1.2. If it does not support TLS 1.2, we recommend you contact your SSL provider to upgrade your TLS version.
Please note you may receive an error/downgrade on your SSL ranking due to your server supporting TLS 1.1. You can disregard this warning as long as your server also supports TLS 1.2 or higher.
Review your PS SIS Global Server Settings (System > System Settings > Global Server Settings)
Hosted Customers - Internal Access needs to have the Internal IP, not the hostname. Secure Server SSL - not checked, Port - 80.
Self Hosted - Setup based on Internal Configuration Settings inthis KB
Review and resubmit your Mobile Registration Settings (District Office > District > Mobile Registration)
Mobile App SSL must be enabled
If you receive an error when submitting your Mobile Registration please review the two articles below to troubleshoot the errors.