Zuora will disable TLS 1.0 for all inbound calls to production on October 13th, 2016. This change will impact all channels including SOAP APIs, REST APIs and browser based traffic (UI).
Zuora is planning to disable TLS 1.0 encryption protocol for inbound and outbound connections in a phased approach. Both were originally scheduled for April 7, 2016, however Zuora re-scheduled deprecation of TLS 1.0 for their production environments, the new date is posted here. (To be kept up-to-date in real-time on the TLS 1.0 Deprecation schedule, please subscribe to Zuora Announcements in the Zuora Community.)
[Action Required] Zuora is Disabling TLS 1.0 - Zuora Community - updated 6/3/2016
This could affect integration processes developed in Boomi using the Zuora Connector or any generic technology connector to integrate with Zuora.
What are the plans and actions you must take going forward?
Java 6 supports TLS 1.0, but does not support TLS 1.1 or 1.2 protocols, so if you had an atom running on Java 6, it would not be able to communicate with Zuora when they disable TLS 1.0. Because Dell Boomi enables integrations with multiple endpoints, we have ended operations for atoms on Java 6 on May 4, 2016.
Dell Boomi atoms currently support TLS 1.0 and TLS 1.2 and will be able to communicate with Zuora if the atom is running on Java 7 or Java 8.
If you receive a related error after the deprecation, there is an atom system property that can be added to the atom.vmoptions file to force TLS v1.1 or TLS 1.2, for example:
and then restart the atom.
Reference: Diagnosing TLS, SSL and HTTPS
- See Java 6 Sunset and Upgrade Home for complete sunset and upgrade coverage.
- Announcement from Zuora
- REMINDER: Phase 2 of TLS 1.0 Deprecation Postponed.
- Diagnosing TLS, SSL and HTTPS