Zuora Disabling TLS 1.0 (2016)

Document created by mike_aronson Employee on Mar 30, 2016Last modified by mike_aronson Employee on Mar 20, 2017
Version 6Show Document
  • View in full screen mode

Summary

 

Zuora will disable TLS 1.0 for all inbound calls to production on October 13th, 2016. This change will impact all channels including SOAP APIs, REST APIs and browser based traffic (UI).

 

Zuora is planning to disable TLS 1.0 encryption protocol for inbound and outbound connections in a phased approach.  Both were originally scheduled for April 7, 2016, however Zuora re-scheduled deprecation of TLS 1.0 for their production environments, the new date is posted here.  (To be kept up-to-date in real-time on the TLS 1.0 Deprecation schedule, please subscribe to Zuora Announcements in the Zuora Community.)

REMINDER: Phase 2 of TLS 1.0 Deprecation Postponed.

[Action Required] Zuora is Disabling TLS 1.0 - Zuora Community - updated 6/3/2016

 

This could affect integration processes developed in Boomi using the Zuora Connector or any generic technology connector to integrate with Zuora.

 

What are the plans and actions you must take going forward?

Java 6 supports TLS 1.0, but does not support TLS 1.1 or 1.2 protocols, so if you had an atom running on Java 6, it would not be able to communicate with Zuora when they disable TLS 1.0.  Because Dell Boomi enables integrations with multiple endpoints, we have ended operations for atoms on Java 6 on May 4, 2016.

 

Dell Boomi atoms currently support TLS 1.0 and TLS 1.2 and will be able to communicate with Zuora if the atom is running on Java 7 or Java 8.

 

If you receive a related error after the deprecation, there is an atom system property that can be added to the atom.vmoptions file to force TLS v1.1 or TLS 1.2, for example:

 

-Dhttps.protocols=TLSv1.2

 

and then restart the atom.

 

Reference: Diagnosing TLS, SSL and HTTPS

 

 

More Information

2 people found this helpful

Attachments

    Outcomes