Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Migrate SOAP/REST client from TLS 1.0 to TLS 1.2

faced with next problem:

I have .net web application running under .NET Framework 4.5.2. Applicating communicates to SalesForce using:

  • SOAP API
  • REST API (https://github.com/developerforce/Force.com-Toolkit-for-NET/).

SalesForce announced disabling the TLS 1.0 encryption protocol on March 4, 2017. Do I need to do some adjustments in order to migrate to TLS 1.2?

The default System.Net.ServicePointManager.SecurityProtocol in .NET 4.5 is SecurityProtocolType.Tls|SecurityProtocolType.Ssl3, and .NET 4.5 supports up to TLS 1.2

Do I need to update System.Net.ServicePointManager.SecurityProtocol? If so, can it have an impact on communication with other api's?

I will be grateful for any help.

like image 490
Vasyl Senko Avatar asked Feb 03 '17 18:02

Vasyl Senko


People also ask

Does Soap support TLS?

SOAP Gateway clients can secure data exchanges with SOAP Gateway through HTTPS requests by using the SSL/TLS security protocol. Similarly, SSL/TLS connections are supported between SOAP Gateway and IMS™ Connect.

How do you enforce tls1 2 TO REST client using REST template?

add("Content-Type", MediaType. APPLICATION_JSON_VALUE); HttpEntity<Object> entity = new HttpEntity<Object>(requestAsString, headers); postForObject = restTemplate. postForObject(url, entity, responseClass );


1 Answers

We had some issues in the log alerting us that we were logging on salesforce api using an old protocol not so long ago, after searching a bit i initialise the security protocol with

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

This will force all connection to use tls 1.2 within your program tho. Sometime it seemed some call were trying to use tls1.0 with the default config... However to be sure you don't need to change just download your API log history and check if you have any connection attempt below tls1.2 and if its the case force the upgrade to tls1.2

like image 93
Darksorrow Avatar answered Oct 16 '22 13:10

Darksorrow