Required Salesforce Updates: TLS, Web-to-Case and Web-to-Lead Applications

Salesforce has updated its TLS encryption protocol and Web-to-Case and Web-to-Lead Endpoint, which will require time-sensitive updates to maintain the highest security and performance when using these Salesforce applications. Here is an overview of what is changing and what resources are available.

TLS 1.0 Encryption: Update by March 4, 2017
Salesforce is disabling the TLS 1.0 encryption protocol and requiring an update to TLS 1.1 or higher by March 4, 2017. TLS ensures that a connection to a remote endpoint is to the intended destination through encryption and endpoint identity verification. Updating to TLS 1.1 or 1.2 is necessary to maintain access to Salesforce websites and services such as Salesforce Communities, Customer and Partner Portals, Force.com sites and Site.com.

Impacts of TLS 1.0 disablement
The action required for this disablement will vary depending on the way your organization connects to the Salesforce service. Key areas of impact include:
• User browser access
• Microsoft email integrations
• API integrations
• Communities and sites
• Partner App/AppExchange Integrations
• Cash submission and management

TLS Online resources
• Secure Connections: How TLS 1.0 disablement impacts your organization
• Disable Readiness Checklist
• Salesforce disabling TLS 1.0 article
• TLS 1.0 in 6 Minutes video

How Redpath can help with the TLS 1.1 Update
We can help your organization see if these changes will impact the functionality of your applications and can assist with making the necessary updates. Please contact us for more information. If you are using these apps, please contact us to ensure that the apps will not be affected when TLS 1.1 is activated March 4th:

• Marketing Cloud formerly ExactTarget (Specifically the v2-v5 connectors)
• Pardot
• Salesforce Data Loader
• Other connectors that connect Appexchange apps
• Microsoft Integration Products
• Salesforce mobile apps
• Identity Connect
• Communities and Sites
• Custom HTTPS domains
• Desktop CTI and Open CTI
• Chatter Desktop
• Salesforce File Sync
• SalesforceIQ
• Single Sign-On

Web-to-Case and Web-to-Lead Endpoint: Update by Summer 2017
Salesforce has improved Web-to-Case (W2C) and Web-to-Lead (W2L) functionality. The endpoint that receives the W2C and W2L form submission data from company websites to create leads and cases in Salesforce has been updated to support this new functionality. All Salesforce customers W2C and W2L forms must update to the new endpoint URL by the Summer 2017 release to maintain functionality.

NOTE: The W2C/W2L HTML code generator functionality will be updated to reference the new endpoint URL with the Summer 2017 release. As such, W2C/W2L form HTML code generated from the Summer 2017 or later HTML code generator will already include the new endpoint and websites using the HTML code will not be impacted by this change.

Online Resources:

• Updating the Web-to-Case and Web-to-Lead Endpoint URL Salesforce article 

How Redpath can help with Web-to-Lead/Web-to-Case
Updating these forms are fairly easy. Re-running the generator and uploading the new code for the forms is typically the solution.If the forms reference other databases, additional steps may be required. If you need help verifying the setup of your Web-to-Lead/Web-to-Case forms, please contact us.