Our regular look at Salesforce Commerce Cloud this week shares with you that Salesforce Commerce Cloud is currently in the process of disabling the Transport Layer Security (TLS) 1.0.

What is it?

TLS is a cryptographic protocol that provides communications security over the computer network. Websites are able to use TLS to secure communication between their servers and web browsers. The TLS protocol aims primarily to provide privacy and data integrity between two communicating computer applications.

Why do I care?

The PCI Council suggests organisations migrate from TLS 1.0 to TLS 1.1 or higher before 30th June 2018.

SCC has already disabled outbound TLS 1.0 in the Commerce Cloud Digital 18.1 release and inbound in mid-February for the secondary instance group and mid-March for the primary instance group. However webstores which are behind the Cloudflare eCDN will still be able to receive inbound TLS 1.0 connections until May 8th.

SCC provide the ability to disable this manually by configuring the eCDN host under SSL/TLS settings. While Salesforce Commerce Cloud will be disabling only TLS 1.0 on May 8th, within the Commerce Cloud eCDN, using the required TLS 1.2 or higher preference set in Business Manager will disable both TLS 1.0 and TLS 1.1 protocols.

What do I need to know?

Ensure that all your inbound and outbound connections support TLS 1.1 or higher - click here for more information on this.

If you need any help with this procedure of disabling TLS 1.0 please do not hesitate to contact me.

Sign up to our regular email Commerce Cloud Condensed to keep up to date!