Troubleshooting: TLS upgrade
Salesforce required customers to upgrade to TLS 1.1 or higher by July 22, 2017 to align with industry best practices for security and data integrity. At this time, TLS 1.0 has been disabled for app.salesforceiq.com, api.salesforceiq.com, and api.relateiq.com.
If you’re experiencing issues connecting Salesforce with any integrations, browsers, or other third-party applications, please confirm that you have upgraded to TLS 1.1 or above.
What is TLS?
TLS stands for Transport Layer Security. TLS is a protocol that provides privacy and data integrity between two communicating applications. It’s currently the most widely deployed security protocol and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS uses encryption and endpoint identity verification to ensure that a connection to a remote endpoint is the intended endpoint. To date, the versions of TLS are TLS 1.0, 1.1, and 1.2.
Salesforce web and API connections, along with email delivery, use TLS as a key component of their security. HTTPS (web) and STARTTLS SMTP (email) also use TLS as a key component of their security.
What is the change?
Salesforce required customers to upgrade to TLS 1.1 or higher by July 22, 2017. On that date, we began disabling the TLS 1.0 encryption protocol. This means that customers still using TLS 1.0 are unable to access some of their Salesforce services.
How are customers impacted?
After Salesforce disabled TLS 1.0, any inbound connections to or outbound connections from your Salesforce organization that rely on TLS 1.0 fail. This impacts a number of Salesforce services and access to websites including Salesforce Communities, Customer and Partner portals, Force.com sites, and Site.com.
Why is this happening?
At Salesforce, trust is our #1 value. Salesforce is focused on continually helping our customers improve their security by using the latest security protocols. As of July 22, 2017, Salesforce is requiring the TLS 1.1 and later encryption protocol to maintain the highest security standards and promote the safety of customer data.
- TLS 1.0 Critical Update Console (CRUC) setting
- Browser Compatibility Test
- Am I Ready? TLS 1.0 Disablement Webinar Recording (January 2017)
- Secure Connections, Release Readiness Live (September 2016)
- Users' Login History: Options for tracking TLS 1.0 logins:
For additional questions, please reach out to SalesforceIQ Support.