Environment : Sandbox
I am using callout to pull the data from api to Salsesforce. It was working untill salesforce disable TLS 1.0. Today I ran the apex callout and got the following error
System.CalloutException: Server chose TLSv1, but that protocol version
is not enabled or not supported by the client
Then I checked Internet about this error and came to know that salesforce disabled TLS 1.0. I also got some information TLS 1.0 Disablement Critical Update Console (CRUC) Setting. But unfortunately am not able to see that Require TLS 1.1 or higher for HTTPS connections in CRUC.
Then I checked my callout url using Qualysis SSL Labs and got the result like below
So, my callout url api is not supported for TLS 1.1 and TLS 1.2.
Now what action I need to take to work properly again.
Thanks.
Update : My Chrome Browser is up to date with Supporting TLS 1.0, 1.1, 1.2
Best Answer
The short answer is, you will need to update the endpoint server to enable TLS 1.1 or above.
Here are details on how you can enable TLS 1.1 and above : https://help.salesforce.com/apex/HTViewSolution?id=000221207#OutboundIntegrations
If this third party sever/endpoint is not in your control then you will have to request sever owner for upgrade.
If that is not possible then you will have to create a middle-ware which can communicate with both TLS 1.0 & TLS 1.1 and above.
Then from salesforce you need to send send request to your middle-ware/agent and from agent send it to the actual 3rd party.
PS: This disablement is for only sandbox for now and production org will continue to work till March 4, 2017. Although its not advisable to wait till March 4, 2017.