Helcim Logo Support & Tutorials

© Copyright 2006-2018 Helcim Inc.

All Rights Reserved.

Converge (formerly VirtualMerchant) »

Upcoming Changes - SHA2 and TLS1.2


Elavon is sending emails to merchants using Converge, saying that there are upcoming changes to the certificates and IP addresses that may impact them.


  • SHA1 and SHA2 are digital signatures that prove that data has not been tampered with while it has been moving from your computer to another.  SHA1 is old and broken but SHA2 is a lot better.
  • TLSv1.2 encrypts the data being sent from your computer to another.  If people say SSL they usually mean TLS.
  • Together SHA and TLS form HTTPS.
  • IP addresses are the street addresses of the internet.  However instead of having a street name and province etc it is just numbers like  If you go to somewhere like www.google.ca in your browser your computer will first translate that into an ip address and then it knows how to get to the page.  You just don't see that part usually.  

Converge Web Site

Old operating systems and servers will not support SHA2 or TLS1.2.  For example if you're using Windows XP you would not be able to use the converge website anymore. They have to be using both a browser that's supported and an operating system that is supported.  Here's a list of Browsers and operating systems that will work with the website:

Compatible Browsers

  • Google Chrome, version 38 and higher
  • Mozilla Firefox, version 27 and higher; and ESR version 31.0 and higher
  • Internet Explorer, version 11 and higher
  • Safari, version 7 and higher
  • Opera, version 12.18 and higher

Compatible Operating Systems

  • Microsoft Windows 7 and higher
  • Microsoft Windows Server 2008 R2 and higher
  • OS X Mavericks (version 10.9) and higher
  • Android 5.0 and higher
  • iOS 5 and higher
  • Windows Phone 8.1, Windows 10 Mobile

NOTE: helcim.com has already switched to the new SHA2 and TLS1.2. Which means if they can browse Helcim.com on their computer, the Converge changes will work for their computer. However their ecommerce could still be impacted, see below:

Converge API and E-Commerce

If they are sending transaction using the Converge API, they will have to have their developer verify that it will work with SHA2 and TLS1.2.  Their server will also have to be up-to-date.  You can provide them the link down below that they can give to their developer so they can verify that it will work.

If they are using a third-party shopping cart provider (see link below, any of them where the gateway is "VirtualMerchant", e.g. Shopify), they will have to ask their shopping cart provider if their cart will support SHA2 and TLS1.2.


Hard-Coded IP's and Firewalls

Most shopping carts and custom API codes should be sending the transactions to the Converge API directly at (https://www.myvirtualmerchant.com/VirtualMerchant/process.do). If so, there is no impact. In the event that they programmed their code to talk to the IP addresses directly (not recommended), they will either have to manually update the IP's in their software or change it to use an URL.

Original Email:


Link that is in the email:  http://www.besha2ready.ca/converge