Salesforce disabling SSL 3.0 support

In light of this article:

https://help.salesforce.com/apex/HTViewSolution?urlname=Salesforce-disabling-SSL-3-0-encryption&language=en_US

Salesforce is disabling SSL 3.0.

As a developer integrating with 3rd party apps what does it mean for me. How is it going to impact existing integrations. Example, an app that I built makes Apex REST callouts to say https://data.someserver.com should I be changing something in my Apex code for this callout to work the way it is working right now or something needs to be changed at “data.someserver.com” the article itself doesn’t share any details on dealing with it. Some clarity on this is much appreciated.

Thanks!!

Answer

Salesforce disabled SSLv3 back in 2014. This was caused by a vulnerability called poodle.

In case your external application relies on SSLv3 the integration between the external service and salesforce doesn’t work anymore.

SSLv3 is a very old standard and I assume that the external system has to be more than 15 years old.

What can we learn from disabling SSLv3?

It is kind of clear that in the future salesforce and other companies will and have to discontinue several old standards. Therefore we have to and should try to upgrade our infrastructure and services from time to time.

Attribution
Source : Link , Question Author : Mohd Nadeem Shaikh , Answer Author : Christian Deckert

Leave a Comment