function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Devender Kumar 13Devender Kumar 13 

How to Enable TLS 1.0 encription for API integration

Salesforce is going to disable SSL 3.0 encription on 7th November for all the sandbox instances and later for production instances.
In sandbox environment, my .Net client application using OAuth 2.0 Web Server flow and salesforce APIs to communicate with salesforce.  How could I verify that my API integration is using SSL 3.0 encription and how could I change it to TLS 1.0? Where could I found these settings?

Many thanks in advance.
Best Answer chosen by Sonam (Salesforce Developers) 
Devender Kumar 13Devender Kumar 13
We got another useful link addressing this issue:

http://salesforce.stackexchange.com/questions/54960/ensuring-my-application-complies-with-ssl3-0-being-disabled

 

All Answers

SonamSonam (Salesforce Developers) 
Please go through the following thread - http://stackoverflow.com/questions/10500511/how-to-find-what-ssl-tls-version-is-used-in-java 

 You can also use the getProtocol() method in .Net to figure out the same..
 
vidya shettyvidya shetty
The link does not satisfy the required answer.Can you let us know what change we need to integrate in .Net (maybe the App.config here) to accomodate the TLS in the API calls??
E.g : This is my API call
https://ap1-api.salesforce.com/services/Soap/class/XYZService
What changes are expected for this 'Https' request ?
Devender Kumar 13Devender Kumar 13
Thanks Sonam for the response but its not much helpful for me. I am using .net client and using salesforce APIs for communication with Salesforce instances. No where I am specifying any setting for encriptions. I am not sure but it might be using some default setting but how could I verify and change it to TLS 1.0.1.1. 

I am using post method for System.Net.WebRequest class for Authorize and  Token API.
And using WebClient  for accessing data from salesforce,. Below is the code snippet.

  using (var client = new WebClient())
            {
                client.Headers.Add("Authorization", "Bearer " + accessToken);
                string query = "SELECT ID,NAME,LASTMODIFIEDDATE) ORDER BY ID ASC NULLS FIRST".Replace(' ', '+');
                var response = client.DownloadString(instanceUrl + "/services/data/v20.0/query?q=" + query);
               return response;
            }
 
Devender Kumar 13Devender Kumar 13
Can anyone please help on this? Tomorrow Salesfoce is going to disable SSL3.0 for sandbox instances. I need a workaround to mitigate the impact of this change on my application using salesfoce API integration.
SonamSonam (Salesforce Developers) 
Hey Devender, though I'm not a .NET expert, got something which might be helpful - it has code snippet to force TLS  connection when using .NET:
http://bytes.com/topic/net/answers/436273-force-net-do-tls-only
 
Devender Kumar 13Devender Kumar 13
We got another useful link addressing this issue:

http://salesforce.stackexchange.com/questions/54960/ensuring-my-application-complies-with-ssl3-0-being-disabled

 
This was selected as the best answer