Sonoma Partners Microsoft CRM and Salesforce Blog

Salesforce, WCF, and TLS 1.0

Today's guest blogger is Nathen Drees, a Senior Developer at Sonoma Partners.

I recently ran across an issue with a tool we had built that connects to Salesforce using WCF.

Up until recently, this tool had been working as expected and worked in the background without much thought. Then we found that when the users would go to log in to Salesforce through this tool, they would receive the error:

“tls 1.0 has been disabled in this organization. Please use TLS 1.1 or higher when connecting to Salesforce using https.”

It turns out the underlying cause of this was a recent critical update pushed out by Salesforce to disable TLS 1.0. While we did know about this critical update, we didn’t think WCF would be affected by this. It turns out the despite WCF being capable of supporting TLS 1.1 and 1.2 (with .NET 4.5+ installed), it doesn’t use the more secure protocols by default, even if the server supports them.

The fix for this is pretty straight forward, you just need to add one line of code to the beginning of your application to tell WCF to use 1.1 or 1.2:

While not a hard fix, it still is disappointing the WCF doesn’t automatically upgrade to more secure protocols when available.

Topics: Salesforce