function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Nachiket Deshpande 33Nachiket Deshpande 33 

Error: Something went wrong. Please try again.Remote host closed connection during handshake

I am making an HTTP POST request to external system, it works fine when I post request from Developer orgs, these orgs are of older versions. However when I build a package and install that package into a new org and when I try to connect to external system using HTTP POST I get this HandShake error.
Error: Something went wrong. Please try again.Remote host closed connection during handshake
One reason that I thought of is, Salesforce has disabled TLS 1.0 , Salesforce is requiring an upgrade to TLS 1.1 or higher by July 22, 2017 in order to align with industry best practices for security and data integrity. On that date it will disable TLS 1.0. But the API that I am hitting using post confirms that its still accepting TLSv1, handshake error result via open SSL, inside of external system network.

Does new Salesforce orgs that I am creating has TLS 1.1 or higher enabled by default? and external system is not accepting request because of change in version for TLS.

https://c.na34.visual.force.com/apex/MyVFPage <- this one succeeds on connectionhttps://packageNameSpace.ap5.visual.force.com/apex/MyVFPage <- this one fails These are callback URLS.
When I check the critical updates in my old org I can see like following:-
User-added image
However new Salesforce orgs that I am creating does not have this in Critical updates, does that mean new Salesforce orgs already having version of TLS 1.1 or higher enabled by default, if YES how to check version of TLS?

I did activate TLS 1.1 or higher under critical updates section assuming there might be some issue with TLS, also external system confirms that they accept TLS V1.0, V1.1,V1.2 and V1.3

When I tried to connect to external system after activating this update , all seems to be working fine in the old Salesforce orgs that I am using, however new Salesforce orgs that I am creating, having issue shaking hands with external system.

Any thoughts how to approach this issue.
Note: I can not post code here because of the security reasons, it will be helpful if anyone can guide me about this.

NagendraNagendra (Salesforce Developers) 
Hi Nachiket,

I'm pretty sure you are following This Article, however, you should continue monitoring it for updates.
  • All org's are already supporting1.1 and TLS 1.2
  • New org's will automatically have TLS 1.0 disabled.
  • No sandbox org's support TLS 1.0 any longer.
New production orgs created with Summer '16 or later

TLS 1.0 is disabled by default. New production orgs created with Summer ‘16 or later will have the "Require TLS 1.1 or higher for HTTPS connections” Critical Update Console (CRUC) setting auto-enabled. This will disable TLS 1.0 by default.

Sandbox orgs June 25, 2016, at 9:30 AM PDT (16:30 UTC)

After this date and time, all sandbox orgs -- whether existing, refreshed, or new -- will have TLS 1.0 automatically disabled and will require TLS 1.1 or later in HTTPS connections to or from the sandbox org. The "Require TLS 1.1 or higher for HTTPS connections" CRUC setting will not be available.

Production orgs

July 22, 2017 9:30 a.m. PST (17:30 UTC)

NOTE: The disablement for orgs will not occur over a staggered period. All org types will have TLS 1.0 disabled based on the date and time stamp outlined above.
In a nutshell, yes, the org's you have created use TLS 1.1 or higher.

Hope this helps.

Thanks,
Nagendra

 
Nachiket Deshpande 33Nachiket Deshpande 33
Thanks for your reply @nagendra, but how to approch this issue as in few orgs its working while in others its not.
Nachiket Deshpande 33Nachiket Deshpande 33

Yes I am referring to this article  Salesforce disabling TLS 1.0 https://help.salesforce.com/articleView?id=000221207&type=1, please add this hyperlink in your answer so that other users can get idea what you are referring to, looks like you copy pasted the answer from Salesforce Stack exchange as it is,  as I have asked same question on that forum too.