Salesforce Trust


Beginning July 22, 2017, secure org connections will be required to use the latest security protocol, TLS 1.1 or higher.



TLS Disablement Has Begun: What You Need to Know

Salesforce has begun the phased disablement of the TLS 1.0 encryption protocol. To continue uninterrupted access to Salesforce after your disablement date, we require that all customers support a more secure version of TLS for all orgs. TLS 1.1 will be the new minimum standard security protocol used by Salesforce in order to align with industry-wide best practices for security and data integrity. 

Note: To give admins more time to prepare Salesforce Community users, the TLS 1.0 disablement deadline for Salesforce Communities has been extended to March 10, 2018. After the disablement, TLS 1.1 or higher will be required for all connections to Salesforce Communities. See the 'Salesforce Disabling TLS 1.0' article for more details.

The impact of the TLS 1.0 disablement will vary by org, and depends on the ways in which your users connect to the Salesforce service. Key areas of impact include:

  • User browser access could be interrupted as browser incompatibility may prevent your internal users from accessing
  • Microsoft email integrations such as Salesforce for Outlook, Exchange Sync and Salesforce App for Outlook won’t work if users don’t meet compatibility requirements.
  • API integrations will cease to work if they are not compatible with TLS 1.1 or later. This includes .NET-based integrations that send requests to Salesforce and are not enabled with TLS 1.1 and/or TLS 1.2.
  • Communities and Sites users will not be able to connect unless their browser or browser settings are updated per compatibility guidelines. Please review How to test for internet browser compatibility for more information.
  • Partner App/AppExchange integrations will cease to work if they are not compatible with TLS 1.1 or later.

Resources for a smooth transition to TLS 1.1 or higher