As an admin for a Salesforce org that may use TLS 1.0 encryption to connect with Salesforce, we want to keep you informed of the latest guidance and resources to help you prepare for the TLS 1.0 disablement across Salesforce, beginning June 25, 2016, for sandbox instances.
What should I know?
Our disablement of TLS 1.0 across Salesforce will have an impact on your Salesforce environment. Key areas of impact include:
|•||User browser access – Browser incompatibility will prevent your internal and external users from accessing your Salesforce org, Communities and Sites.|
|•||Microsoft email integrations – Integrations such as Salesforce for Outlook, Exchange Sync and Salesforce App for Outlook won’t work if users don’t have compatible local system requirements.|
|•||API integrations – These integrations will cease to work if they are not compatible with the latest version of TLS.|
|•||Case submission and management – Admins using incompatible browsers will be unable to access the Salesforce Help & Training portal, impacting case submission and management.|
The phased disablement of TLS 1.0 will begin with all sandbox instances on June 25, 2016. See the Salesforce disabling TLS 1.0 article for more details on the disablement schedule.
How do I get started?
Many of our products and developer tools are already compatible with the latest versions of TLS. Customers should start early with their planning and testing to ensure a successful transition to supporting the latest TLS version prior to our disablement of TLS 1.0.
Check out the TLS 1.0 Disablement Readiness Checklist for best practices on how to prepare for this change.
What new guidance is available?
We have added several updates to the Salesforce disabling TLS 1.0 article since our last communication in March. These additions include:
|•||How to leverage end-user notifications to inform impacted users on actions they need to take|
|•||How to identify users that need to take action|
|•||Action required for Identity Connect|
|•||Action required for Salesforce File Sync|
|•||Compatibility guidance for SalesforceIQ Inbox|
How can I perform general testing prior to the disablement?
Use the Critical Update Console (CRUC) setting, "Require TLS 1.1 or higher for HTTPS connections", to test the disablement of TLS 1.0 within your sandbox and production org prior to the Salesforce disablement.
We recommend that you test this CRUC update in a sandbox environment to verify end-to-end compatibility before testing it in your production org. See the TLS 1.0 Disablement Critical Update Console (CRUC) Setting article for more details.
How can I get for more information?
Sign up for our upcoming webinar to learn more. Participate in the Infrastructure Success Community Group to follow the latest updates and discussion on this topic.
For additional questions, open a case with Support via the Help & Training portal.