We will need to upgrade the UPS plugin to use TLS 1.1 or TLS 1.2 within this December.
We recently started to receive this (403) Forbidden exception on the DoRequest method of the UPSComputationMethod.cs file. Further investigation reviled that the exceptions were thrown by the UPS API at random. For the same address sometime we get response sometime we don’t. When we contacted the UPS support team they gave the following reply:
"Currently, all of the CIE (test) environment servers have be updated to only accept TLS 1.2 requests.
UPS will be making changes to the Production servers beginning September 1, 2017 through December 31, 2017 to support enhancing our security. During this time, you may see intermittent failures for transactions using TLS 1.0 or earlier.
As of October 10, 2017, 50% of all API servers have been transitioned over to ignore any traffic using TLS 1.0.
Effective 12/31/2017, UPS will only accept TLS 1.1 and TLS 1.2 security protocols. It is highly recommended that the most current version, TLS 1.2, be implemented. After that date, any communication requests submitted to UPS using older protocols (TLS 1.0 or earlier) will fail."
I have created an issue on Github: https://github.com/nopSolutions/nopCommerce/issues/2754