End of Support for older TLS versions in Zoho

In order to keep your communication with Zoho with more security, we will be retiring the support for older TLS versions 1.0 and 1.1 by 5th December 2018, and our users need to upgrade to TLS v1.2 to enjoy uninterrupted and secure transfer of their data.

What is SSL/Early TLS?

Transport Layer Security (TLS), formerly Secure Sockets Layer (SSL), is the old security standard for setting up connections between systems. It requires encrypting information in transit to ensure privacy, and authenticating the systems involved to make sure information doesn't end up in the wrong hands.

Why is the update necessary?

Older TLS versions don't meet security standards anymore. They have some vulnerabilities without viable solutions, so they're being replaced with a set of more secure protocols.

According to PCI standards, TLS v1.2 is the most advanced protocol yet, as it eliminates the vulnerabilities faced by the previous versions, i.e, TLS v1.0 and v1.1. Everyone who uses secure servers and browsers to access the data and API from Zoho, are expected to make this update to protect their data security.

What is your part as an end user?

Web User:

As an end user, if the customer is accessing our applications from any web browser, it must belong to one of the following specifications to support TLS 1.2

  • Internet Explorer version 11 or above ( For IE 9 & IE 10 settings should be changed on the customer end to enable TLS1.2 )

  • Google Chrome version 30 or above

  • Mozilla Firefox 27 or above

  • Safari 7 or above


Mobile User:

If the customer accesses our applications through a mobile platform, it must belong to the following specifications:

  • Google Android version 4.1 or above

  • iOS 5.1 or above

  • Windows Phone 8.1 or above


API User:

If the customer is using any of the following programming languages, they must upgrade to communicate with our API:

  • Java 6u45

  • Java 7u25

  • OpenSSL 0.9.8y

  • .NET 4.5 and below

  • .NET 4.5 (settings should be changed to enable TLS 1.2)

 

Please refer this link for further details regarding the requirements. You can also use this link to test if your browser supports TLS v1.2. Furthermore, for API users, we will be initiating individual mail communication. You can visit our forum on TLS 1.2 update APIs for more information.

If you use Zoho CRM, you can use this link to know more about this update with aspects specific to CRM.

 

Comments

22 Replies to End of Support for older TLS versions in Zoho

  1. First of all, it's 7 November and NOT 5 December and I can't get into my CRM from ANY browser! I have the latest versions according to every browser yet YOU won't let me get to my CRM! I am paying for your CRM and this is simply NOT acceptable!

  2. My name is Josefina. I've been having problems with entering zoho mail (projects@auratrans.com) from my computer (I have tried with other computers and I can enter without a problem). I tried updating Chrome, using another browser and nothing works. How can I solve this? I'll be waiting for your comments.

  3. It looks like I need to find a more useful email account. Since I am using a browser that the federal government uses for all internet usage. This is an email account, not the Bank of the World account. I think you have gone off the deep end.

  4. I use the Zoho Mail client v.2.3.10 (the latest available in the store) on an Android tablet 4.4.2., but still I got a message it is outdated when I wanted to add a new account. Is there a plan to upgrade the application before the deadline (at least to continue use my current settings)?

    1. If you are using older TLS versions, you won't be able to access Zoho services irrespective the services/products you use. If you are using Safari version 7 or greater in your Mac, TLS 1.1 and TLS 1.2 are automatically enabled. The same holds good for other compatible browsers mentioned in the blog. Please access "https://tlstest.zoho.com/" in your browser to verify your TLS version. In case of successful connection, you will get message as "Connection Success" In case of failure, you will get "Connection failed due to older TLS version. Please use TLS1.2"

  5. Hi Team, We have integrated to Zoho people with .Net and we are using .Net Framework Version : 4.5.1.. Will this New Security version TLS2.0 supports our application. I have attached configuration code below <!---->

    1. Hello!, You have two options: 1. By default, TLS1.2 is supported in .NET 4.6 and above only. So, you can upgrade yours to .NET 4.6. 2. It could also be that TLS 1.2 is supported, but it hasn't been made as the default protocol. In that case, you can do that by opting in and using the code "ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12". For further queries, please contact us at security@zohocorp.com.

Leave a Reply

Your email address will not be published.

The comment language code.
By submitting this form, you agree to the processing of personal data according to our Privacy Policy.

Related Posts