Skip to main content

TLS 1.0 has been disabled For Sandbox - Salesforce

Salesforce has finally disabled TLS 1.0 in sandboxes .This is in preparation for disablement later in 2017 for PRODUCTION instances .

Now this would have not impacted your integrations in PRODUCTION org but if your integration is broken in your sandbox ,this means you have only few months to sort this and fix before this affects your integration for PROD live users .

Before we deep drive on how to possibly fix this and work with your external systems to figure solution ,lets first understand what is TLS and why did SFDC moved to 1.x and had to disable TLS 1.0

TLS 1.0 Explained
























TLS 1.1 Improvements 

  • Added protection against cipher-block chaining (CBC) attacks.
  • Support for IANA registration of parameters.


Clearly TLS 1.1 is more secure(Compared to 1.0) and protects salesforce resources against CBC attacks .

Identify if this change broke anything .The things that can be affected in your instances are as below
  1. Web requests to Salesforce URLs that require authentication
  2. Web requests to the login page of a My Domain
  3. Web requests to Community or Force.com sites
  4. Web requests to Customer and Partner portals
  5. Web to lead, web to case, and web to custom object requests
  6. API requests to Salesforce
  7. Callouts using Apex to a remote endpoint
  8. Workflow outbound messaging callouts to a remote endpoint
  9. Callouts using Lightning Connect to a remote endpoint
  10. AJAX proxy callouts to a remote endpoint
  11. Delegated authentication callouts to a remote endpoint
  12. Mobile apps developed with Salesforce Mobile SDK need to upgraded to SDK v4
That's a big list and if you are an enterprise org ,then I am sure you would have at least one of the above things in your org and you may find it to be broken .

The most common complains that I have received and encountered myself has been our IDE no more able to authenticate or our eclipse no more working ,or our migration tools are affected .

An example screenshot of error I got last night working with my ANT tool is as below






So below are some of the suggestions to fix this issue,

1. If you are using force.com migration tool and ANT process be on a latest ANT version -atleast 36.0
2.If you are using Java 7 ,upgrade to Java 8 since Java 8 by default uses 1.2 
3.If have an integration running on a webserver ,there will be setting to disable TLS 1.0 
4.You can disable TLS 1.0 in your browser 

5.Look for specific configuration if you want to explicitly force tools to use TLS 1.1 or TLS 1.2 .For example if you still want to use Java 7 and force your ANT tool to use TLS 1.1 ,you can add an environment variable like below for windows 






6.If you use Java 7, disable TLS 1.0. (TLS 1.0 is disabled by default in Java 8.) Update your eclipse.ini file to include this line:
 
Update your eclipse.ini file to include this line:
-Dhttps.protocols=TLSv1.1,TLSv1.2 
 
The location of the eclipse.ini file depends on your operating system. For more information, see [https://wiki.eclipse.org/Eclipse.ini].

 Hopefully this sheds some light and those of you trying to fix this issue get enough out of it and fix your issues .

 There is more info here below 

 https://help.salesforce.com/apex/HTViewSolution?id=000221207
Feel free to ping me on twitter @msrivastav13 or reach by mail msrivastav13@gmail.com in case of concerns .

Popular posts from this blog

Invoking Apex Callout From Process Builder

Process builder is GA in Spring 15 and one of the queries I came across was around how to invoke apex callouts from Process builder .

Before process builder came we had two common approaches of calling webservice 

1)We have outbound messages as one of the Actions for workflows.This works if other party implements the WSDL that is generated once Outbound messaging is defined with appropriate end point .

2)Most of times future method invoked through triggers allowed to do apex callouts and invoke external web service provided the future method is annotated with @future(callout=true).This provides lot of flexibility and one of the best approaches .

3)Flow triggers was in BETA and this was also one of the ways we could invoke callouts provided the Flow implements process plugin .To understand in detail how to implement process plugin refer to the below example

The purpose of this blogpost is to demonstrate the new possibility of invoking apex callout through Process Builder 

I tried initi…
Read more

Writing Test Classes For Apex Rest Service

I came across a question in a developer community on how to write Unit Test Classes for the Rest API service for POST HTTP calls

Unit Test Classes for REST API following link is very useful and inspired by this jeff had an article on his blog on how to write the test method for same .

Here is the Jeff Blog Link Test Class for REST API(Good reference for GET Rest Services)


In one of my previous blog post i demonstrated how to use native parsing technique for Rest api for User Defined Type
I wrote the Test class for the same and this post is helpful for all those searching for how to write test classes for apex rest service annotated with POST Call
Here is the Rest Service Class for which i attempted the test class
@RestResource(urlMapping='/DemoUrl/*') global with sharing class MyRestResourcedemo { global class RequestWrapper{ public Account acct; public Contact[] cons; } global class ResponseWrapper { public String StatusCode; …
Read more

Opening Modal Using Lightning Component Framework of SFDC

One of my friend from India threw a challenge .The challenge was to open a modal by using latest and greatest lightning components framework and modals design from SLDS .For the love of community I thought of sharing the entire code base that I did .

So here we start ..

Business Use Case - Need a handy SalesLeader board component that can be used to display the Sales revenue generated by each sales rep for current year in the order of decreasing total revenue .On click of the tile ,we will show detail opportunity list aggregating the revenue .

The component can be dragged in lightning design experience or in App builder lightning Page .

Video Demonstration-



SalesLeaderBoard from Mohith Kumar Shrivastava on Vimeo.








Frameworks Used -
Lightning Design Systems (SLDS) for CSSLightning Component Framework for client side logicApex aura enabled class for backend logicApproach
The component hierarchy is very important to imagine or mindmap before we dig deeper- SalesLeaderMain
    -SalesLeaderBoard
    …
Read more