In order to keep your communication with Zoho with more security, we will be retiring the support for older TLS versions 1.0 and 1.1 by 5th December 2018, and our users need to upgrade to TLS v1.2 to enjoy uninterrupted and secure transfer of their data.

What is SSL/Early TLS?

Transport Layer Security (TLS), formerly Secure Sockets Layer (SSL), is the old security standard for setting up connections between systems. It requires encrypting information in transit to ensure privacy, and authenticating the systems involved to make sure information doesn’t end up in the wrong hands.


Why is the update necessary?

Older TLS versions don’t meet security standards anymore. They have some vulnerabilities without viable solutions, so they’re being replaced with a set of more secure protocols.


According to PCI standards, TLS v1.2 is the most advanced protocol yet, as it eliminates the vulnerabilities faced by the previous versions, i.e, TLS v1.0 and v1.1. Everyone who uses secure servers and browsers to access the data and API from Zoho, are expected to make this update to protect their data security.

What is your part as an end user?

Web User:

As an end user, if the customer is accessing our applications from any web browser, it must belong to one of the following specifications to support TLS 1.2

  • Internet Explorer version 11 or above ( For IE 9 & IE 10 settings should be changed on the customer end to enable TLS1.2 )

  • Google Chrome version 30 or above

  • Mozilla Firefox 27 or above

  • Safari 7 or above


Mobile User:

If the customer accesses our applications through a mobile platform, it must belong to the following specifications:

  • Google Android version 4.1 or above

  • iOS 5.1 or above

  • Windows Phone 8.1 or above


API User:

If the customer is using any of the following programming languages, they must upgrade to communicate with our API:

  • Java 6u45

  • Java 7u25

  • OpenSSL 0.9.8y

  • .NET 4.5 and below

  • .NET 4.5 (settings should be changed to enable TLS 1.2)

 

Please refer this link for further details regarding the requirements. You can also use this link to test if your browser supports TLS v1.2. Furthermore, for API users, we will be initiating individual mail communication. You can visit our forum on TLS 1.2 update APIs for more information.

If you use Zoho CRM, you can use this link to know more about this update with aspects specific to CRM.

 

 

Tags : TLS / Zoho Security

  1. Sanjay Sabharwal

    My inbox mails are not visible, showing blank,.

    • sivaram pr

      please shoot a mail to support@zohomobile.com with details of the technical difficulties you are facing.

  2. Irsan Khan

    Dear Team
    i am unable to open it on zoho mail
    Please help me

    • sivaram pr

      please shoot a mail to support@zohomobile.com with a details of the technical difficulties you are facing.

  3. carol

    I have since changed email address will this effect me

    • sivaram pr

      No, changing of email address and the version update mentioned in this blog are unrelated.

  4. A R

    I use the Zoho Mail client v.2.3.10 (the latest available in the store) on an Android tablet 4.4.2., but still I got a message it is outdated when I wanted to add a new account. Is there a plan to upgrade the application before the deadline (at least to continue use my current settings)?

    • sivaram pr

      please shoot a mail to support@zohomobile.com with details of the technical difficulties you are facing.

  5. Dr Sudhir

    i am unable to open it on safari Version 12.0 (13606.2.11)
    Please help

    • sivaram pr

      For personalised help, please contact security@zohocorp.com, preferably with more light on the issue.

  6. Elaine

    How does this effect a Mac user who uses the Calendar and Docs spreadsheet only?

    • sivaram pr

      If you are using older TLS versions, you won’t be able to access Zoho services irrespective the services/products you use. If you are using Safari version 7 or greater in your Mac, TLS 1.1 and TLS 1.2 are automatically enabled. The same holds good for other compatible browsers mentioned in the blog.
      Please access “https://tlstest.zoho.com/” in your browser to verify your TLS version.
      In case of successful connection, you will get message as “Connection Success”
      In case of failure, you will get “Connection failed due to older TLS version. Please use TLS1.2”

  7. Shankar Reshmimath

    Hi Team,

    We have integrated to Zoho people with .Net and we are using .Net Framework Version : 4.5.1.. Will this New Security version TLS2.0 supports our application.

    I have attached configuration code below

    <!—->

    • Shiva

      Hello!,
      You have two options:
      1. By default, TLS1.2 is supported in .NET 4.6 and above only. So, you can upgrade yours to .NET 4.6.
      2. It could also be that TLS 1.2 is supported, but it hasn’t been made as the default protocol. In that case, you can do that by opting in and
      using the code “ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12”.
      For further queries, please contact us at security@zohocorp.com.