Print this page

Prepare Your Users to Continue Using Salesforce for Outlook After TLS 1.0 Is Disabled

Knowledge Article Number 000231406

What’s changing for Salesforce for Outlook users?

To comply with the latest industry standards surrounding TLS encryption, Salesforce will soon discontinue support for TLS 1.0 encryption protocol. Salesforce will stop responding to calls using TLS 1.0, and respond only to those using TLS 1.1 or 1.2. These changes require customers to ensure that their computing environments are compatible with TLS 1.1 and 1.2, and may require users to upgrade their computing systems.

In addition, customers using Salesforce for Outlook, are required to complete steps to prepare their users’ computing environments to run the product after these changes take effect.


What action do I need to take for my Salesforce for Outlook users?
After Salesforce disables TLS 1.0, any inbound connections to or outbound connections from Salesforce will need to use the TLS 1.1 or TLS 1.2 encryption protocol. All Salesforce users are required to ensure that their computing environments are compatible with TLS 1.1 and 1.2 to continue using Salesforce. You can find requirements and instructions for preparing your org for this transition from the Salesforce Disabling TLS 1.0 article.

In addition to following those instructions to continuing using Salesforce, Salesforce for Outlook users must take additional steps to continue working with Salesforce for Outlook:


                  Upgrade to the latest version of Salesforce for Outlook:
                  Customers using Salesforce for Outlook 2.9.3 and earlier have to upgrade to Salesforce for Outlook v3.0.0 or later before Salesforce disables TLS 1.0 to continue using the feature. See this for the upgrade process:

Confirm that users’ Internet Explorer browsers are TLS 1.1 or 1.2 compatible:
To quickly test your browser compatibility, you can visit our test site, from Internet Explorer which has TLS 1.0 disabled. If you are able to view the site without errors, access to Salesforce via your Internet Explorer should not be impacted by this change. For a full list of Internet Explorer browsers that are compatible with TLS 1.1 and higher, see the Enabling TLS 1.1 and TLS 1.2 in Internet Explorer article. Note that some Salesforce for Outlook features only run on systems using Internet Explorer 9 and later. See the Salesforce for Outlook System Requirements for more details.

Moving users off of Microsoft Windows Vista®:
Because Salesforce must retire Vista to comply with the latest TLS industry standards, Vista users won’t be able to access Salesforce for Outlook.

Install the appropriate version of Microsoft NET Framework if using the .msi installer:
If your company pushes Salesforce for Outlook upgrades using the .msi installer, make sure that users have the appropriate version of Microsoft NET Framework installed on their operating systems. Salesforce for Outlook v3.1.2 supports NET 4.5.2, 4.6, and 4.6.1. Salesforce for Outlook v3.2.0 supports NET 4.5.2, 4.6, 4.6.1, and 4.6.2. Note: When users install Salesforce for Outlook using the .exe file available from the Download button from Settings>Salesforce for Outlook, the required version of Microsoft NET Framework is installed automatically--there’s no need for you to take further action to ensure that users have the correct NET Framework installed.

Make sure users meet the usual requirements:
As always, check out the Salesforce for Outlook System Requirements before you set up the product for your users.

If my users computing systems no longer meet the Salesforce for Outlook system requirements, what are my options?
If the computing system that your company already has in place prevents you from using Salesforce for Outlook after TLS 1.0 disablement, we encourage you to review the system requirements for the Lightning for Outlook, and it’s companion sync component, Lightning Sync. These features support the latest Microsoft applications and includes many of the same features as Salesforce for Outlook.

When will Salesforce disable TLS 1.0 encryption?
See the Salesforce disabling TLS 1.0 article for an up-to-date disablement schedule.

How does Salesforce for Outlook respond to the Critical Update Console (CRUC) setting in Salesforce?
If you enable the Critical Update Console (CRUC) setting to test whether your computing systems are ready for TLS 1.0 disablement, Salesforce for Outlook doesn’t work for users on Salesforce for Outlook v2.9.3 and earlier. The product does work for users on Salesforce for Outlook v3.0.0 or later.

Where can I get more information?
Review the Salesforce disabling TLS 1.0 article for detailed information about the Salesforce-wide change. If you have any additional questions, please reach out to Customer Support by opening a case via the Help & Training portal.

promote demote