Require TLS 1.2 for HTTPS Connections in Communities and Sites (Critical Update, Enforced)

Require TLS 1.2 for HTTPS Connections in Communities and Sites was a critical update in Summer ’19 and is enforced on October 25, 2019. To maintain the highest security standards and promote the safety of your data, Salesforce is disabling the older Transport Layer Security (TLS) 1.1 encryption protocol. All inbound connections to or outbound connections from your Salesforce communities, sites, and portals must use TLS 1.2. Verify that your browser access, API integrations, and other Salesforce features are compliant with TLS 1.2.

Where: This change applies to communities and sites accessed through Lightning Experience and Salesforce Classic in Essentials, Enterprise, Performance, Unlimited, and Developer editions.

When: This critical update is enforced for production orgs on October 25, 2019. Communities enabled after this date require TLS 1.2 by default. For other implementation dates, see the knowledge article, Salesforce Disabling TLS 1.1.

How: We recommend that you test this update in a sandbox or Developer Edition org to verify end-to-end compatibility before enabling it in your production org. We also recommend that you inform your community users about this upcoming change and encourage them to upgrade to browsers that support TLS 1.2.

To activate this critical update before October 25, 2019, from Setup, enter Critical Updates in the Quick Find box, then select Critical Updates. For Require TLS 1.2 for HTTPS Connections for Communities and Sites, click Activate.