+ Start a Discussion
gv007gv007 

TLS 1.1 in sandbox testing not working

We know salesforce.com going to disable TLS1.0 in march in production environment.We hited already sandbox environment

I have a C# integration code ,I used recomeanded URL mentionted in the document ,but it was not working any inputs helpful

Dont post the recomenaded documentation content.

https://help.salesforce.com/HTViewSolution?id=000221207#MSFT

Wht is the work around.
Best Answer chosen by gv007
Jason FlippenJason Flippen
gv007,

I'm working on a .NET integration with Salesforce and ran into this issue in our sandbox as well.  We resolved this by doing the following...

1.  We updated the .NET Framework being targeted to 4.6 (we were targeting the .NET 4.5 framework).  Here is a link to an article to help you with that:  https://msdn.microsoft.com/en-us/library/bb398202.aspx (https://msdn.microsoft.com/en-us/library/bb398202.aspx" target="_blank).  A co-worker of mine did that, then rebuilt and deployed the application to our QA server and we no longer had the issue there.

2.  When I ran the .NET application locally however, because I hadn't pulled the updated .NET code, I was still experiencing the issue.  To resolve it I went through one of the steps found in the help documentation you referenced (https://help.salesforce.com/HTViewSolution?id=000221207). In the Option 2 of .NET 4.5 to 4.5.2 section under the Action Required for API (Inbound) Integrations there is a "registry import file".  I downloaded that file and ran it.  Afterwards, I no longer experienced the TLS issue.  Here are the details of that:

Option 2:
It may be possible to enable TLS 1.2 by default without modifying the source code by setting the SchUseStrongCrypto DWORD value in the following two registry keys to 1, creating them if they don't exist: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" and "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319". Although the version number in those registry keys is 4.0.30319, the .NET 4.5, 4.5.1, and 4.5.2 frameworks also use these values. Those registry keys, however, will enable TLS 1.2 by default in all installed .NET 4.0, 4.5, 4.5.1, and 4.5.2 applications on that system. It is thus advisable to test this change before deploying it to your production servers. This is also available as a registry import file (https://tls1test.salesforce.com/s/NET40-Enable-TLS-1_2.reg). These registry values, however, will not affect .NET applications that set the System.Net.ServicePointManager.SecurityProtocol value.


These were the steps we took to resolve this issue.  I hope it helps for you.

Good luck!

Jason

All Answers

Jason FlippenJason Flippen
gv007,

I'm working on a .NET integration with Salesforce and ran into this issue in our sandbox as well.  We resolved this by doing the following...

1.  We updated the .NET Framework being targeted to 4.6 (we were targeting the .NET 4.5 framework).  Here is a link to an article to help you with that:  https://msdn.microsoft.com/en-us/library/bb398202.aspx (https://msdn.microsoft.com/en-us/library/bb398202.aspx" target="_blank).  A co-worker of mine did that, then rebuilt and deployed the application to our QA server and we no longer had the issue there.

2.  When I ran the .NET application locally however, because I hadn't pulled the updated .NET code, I was still experiencing the issue.  To resolve it I went through one of the steps found in the help documentation you referenced (https://help.salesforce.com/HTViewSolution?id=000221207). In the Option 2 of .NET 4.5 to 4.5.2 section under the Action Required for API (Inbound) Integrations there is a "registry import file".  I downloaded that file and ran it.  Afterwards, I no longer experienced the TLS issue.  Here are the details of that:

Option 2:
It may be possible to enable TLS 1.2 by default without modifying the source code by setting the SchUseStrongCrypto DWORD value in the following two registry keys to 1, creating them if they don't exist: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" and "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319". Although the version number in those registry keys is 4.0.30319, the .NET 4.5, 4.5.1, and 4.5.2 frameworks also use these values. Those registry keys, however, will enable TLS 1.2 by default in all installed .NET 4.0, 4.5, 4.5.1, and 4.5.2 applications on that system. It is thus advisable to test this change before deploying it to your production servers. This is also available as a registry import file (https://tls1test.salesforce.com/s/NET40-Enable-TLS-1_2.reg). These registry values, however, will not affect .NET applications that set the System.Net.ServicePointManager.SecurityProtocol value.


These were the steps we took to resolve this issue.  I hope it helps for you.

Good luck!

Jason
This was selected as the best answer
UC InnovationUC Innovation
Try setting:

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11;

in Application_Start().  That worked for us.
gv007gv007
we have to put above code next to main() function in C# code ,above two are correct answers.