Salesforce have disabled support for TLS versions older than 1.0 2
This will have a critical impact on the usability of the FuseIT SFDC Explorer (and other systems connecting to the Salesforce APIs). Existing customers need to take action before June 2016 in Sandboxes and early 2017 in production orgs.
TLS 1.1 will be 2 is supported by Salesforce but earlier versions of the FuseIT SFDC Explorer were built on .NET Frameworks that do not support TLS 1.1 2 and therefore may not connect with Salesforce once TLS 1.0 has been disabled.
Short Term Solution
Do not accept the Salesforce Critical Upgrade.
Login to your Salesforce instance and navigate to the Setup menu (under your user name). In the search text box search for "Critical Updates". Ensure the "Require TLS 1.1 or higher for HTTPS connections" update is not activated and note the number of days remaining before auto-activation will occur.
...
Solution
Please download the latest version of the FuseIT SFDC Explorer. Versions 3.0 14 onwards use the .NET 4.67.1 2 framework that has native support for TLS 1.1 and 1.2. If required, you can download the Microsoft .NET Framework 4.67.12.
Required TLS Config
Note, the securityProtocols element must appear in the FuseIT.SFDC.Explorer.exe.config file to enable TLS 1.2 support. This might not be present if you are upgrading in place and an existing configuration file is in place.
| Code Block | ||||
|---|---|---|---|---|
| ||||
<configSections>
<!-- ... -->
<section name="FuseIT.G4S.SalesforceConnector" type="FuseIT.G4S.SalesforceConnector.SalesforceSettingsSection, FuseIT.G4S.SalesforceConnector" />
<!-- ... -->
</configSections>
<!-- ... -->
<FuseIT.Sitecore.SalesforceConnector>
<!--
timeOutMilliseconds: Indicates the time an XML Web service client waits for a synchronous XML Web service request to complete (in milliseconds).
clientId: Partner application API token (Case sensitive). Required to work with Professional Edition orgs.
uploadBatchSize: The maximum number of records that can be sent to Salesforce in an upload operation. This limit is defined by Salesforce.
-->
<binding timeOutMilliseconds="100000" clientId="" uploadBatchSize="200" />
<!-- Config to explicitly set the System.Net.ServicePointManager.SecurityProtocol -->
<securityProtocols>
<securityProtocol securityProtocolType="Tls" />
<securityProtocol securityProtocolType="Tls11" />
<securityProtocol securityProtocolType="Tls12" />
</securityProtocols>
<!-- Speedup Keyprefix lookups for known values -->
<keyPrefixes>
<add key="Lead" value="00Q"/>
<add key="Contact" value="003"/>
<add key="User" value="005"/>
<add key="Organization" value="00D"/>
</keyPrefixes>
</FuseIT.Sitecore.SalesforceConnector> |
Operating System support
If you are still receiving the error "Could not create SSL/TLS secure channel" and you are on Windows 7, Windows Server 2008 or 2012, this article may help to add TLS 1.2 support.