SalesForce.com has disabled TLS 1.0 on the sandboxes, due to the POODLE Vulnerability. For Production, such disablement is planned for 2017!
We are working on an integration project with a brand new sandbox, so we immediately got the error "UNSUPPORTED_CLIENT TLS 1.0 has been disabled in the organization. Please use TLS 1.1 or higher" when we tried to use the Login Action.
Saleforce Connector component will require an upgrade to use TLS 1.1 (or higher).
As a workaround, what we did was:
Note: SecurityProtocolType.Tls12 is only supported by .NET 4.5+
Alternatively, it seems that the .NET default security protocol type could be changed in the registry keys:
However, those registry keys will enable TLS 1.2 by default for all installed .NET 4.0, 4.5, 4.5.1, and 4.5.2 applications on that machine, it could raise issues in other .NET applications. For cloud solutions, changing the registry is not an option.
Can we expect such upgrade on the component from Salesforce Connector team?
Since we have fixed already, please get back to us for any help you may require.
After speaking with the OutSystems CSP people, I have learned a couple of things:
In the meantime for us Java folks, it was suggested we can workaround the issue by following the example in this stack overflow post. The issue I am having with that suggestion now is that there seems to be no obvious place to implement this block of code. I also do not know what to input as the second argument for initializing the SSLContext - I am guessing there is some static TrustManager within the OutSystems library jars we are supposed to be using for this, but for fear of breaking something I dare not proceed until I know more.
Are we any closer to getting a version of this connector that works with > TLSv1.0?