Deprecation of TLS 1.0 and 1.1 for MuleSoft Shared Load Balancer and Dedicated Load Balancer - FAQ

For previous TLS deprecation changes, which only impacted CloudHub 2.0, refer to this KB article.

Q1: What is the actual change for Shared Load Balancer (SLB)?
Inbound connections using TLS version 1.0 and 1.1 to CloudHub 1.0 Shared Load Balancer will be blocked from the week of October 27  2025. 

Q2: Any changes to Dedicated Load Balancer (DLB)?
Effective December 1, 2025, customers won’t be able to configure TLS 1.1 or earlier in any new DLB created after that date across all Mule runtime versions. However, existing TLS 1.1 and 1.0 connections will continue to work until Oct 31, 2026. All existing DLB connections using TLS 1.1 or earlier will be stopped on Oct 31, 2026.

Q3: What actions do customers need to take?
To avoid disruption, customers need to:
a) Update the configurations in their CloudHub 1.0 applications that are targeting (i.e. making a request via) SLB:

• Do not configure enabledProtocols and enabledCipherSuites; keep the default configuration. If these settings are currently configured in the application using SLB, please remove them.
• If it is necessary to specify these configurations, only use TLS 1.2 or higher versions.

b) If clients are using TLS <= 1.1 to make inbound connections to applications running on CloudHub 1.0 SLB, please instruct them to use TLS 1.2 or above.