TLS encryption is used to ensure a secure connection to endpoints; Salesforce Web and API connections and email use TLS as a key component of their security. It will be disabled in Sandboxes on June 25, 2016, and in production orgs on March 4, 2017. (Note: on new orgs created after June 11, 2016, it will be disabled automatically.)
What does this mean for you? Once TLS 1.0 is disabled, any inbound or outbound connections to your org will need to use TLS 1.1 or TLS 1.2 encryption. Some key areas for Remedyforce customers:
- You will need to be on supported browsers (go to https://tls1test.salesforce.com/ to test your browser)
- You need to ensure that any inbound integrations (such as from Pentaho) use TLS 1.1 or 1.2 encryption. For Pentaho, any version before 6.0 will not be able to communicate with Salesforce; to check the version, launch Pentaho by clicking on spoon.bat; then go to “About” and check the version. It is also recommended that the machine running Pentaho be on at least Java version 8.0.
- If you use Data Loader, you will need to download a new version – the one released with Spring, 2016. And if your phone integration is using the CTI Toolkit, you will need to transition to the Salesforce Open CTI alternative.
Don’t be surprised by this change! Be prepared!
For details, see this Salesforce page: https://help.salesforce.com/apex/HTViewSolution?urlname=Salesforce-disabling-TLS-1-0&language=en_US#Whatischange
And this BMC page: https://communities.bmc.com/community/bmcdn/bmc_remedyforce/blog/2016/06/10/salesforce-tls-10-disablement-are-you-ready