Salesforce security changes impact K2 integration

In a phased approach, Salesforce began disabling TLS 1.0 encryption protocol to increase security. This change impacts K2 integration with Salesforce via the K2 Salesforce service broker. K2 has a fix available for supported K2 blackpearl versions (4.6.10, 4.6.11, and 4.7). This bulletin describes your options to ensure that your Salesforce-integrated K2 solutions continue to work.

You can disregard this bulletin if you do not integrate K2 solutions with Salesforce.

What is changing?

Last summer, Salesforce began disabling TLS 1.0 encryption support and, once complete in July 2017, will enforce TLS 1.1 or later. As the July 2017 end date approaches, you must update your K2 blackpearl environments to ensure that your Salesforce-integrated K2 solutions continue to work.

Read more about these Salesforce changes in their Knowledge Article.

What do I need to do to keep my K2 solutions working?

To ensure your Salesforce-integrated K2 solutions continue to work past July 2017, you have a few options. They are:

  • If you have 4.7 installed, no action is required. The applicable code fix has already been included. You may need to update your service instances. Please see the KB article (KB001764) for details.
  • If you have 4.6.10 or 4.6.11 installed, either upgrade to 4.7, or if you must remain on 4.6.10 or 4.6.11, request the code fix from K2 support by logging a support ticket.
  • If you have an older, unsupported version of K2 blackpearl installed (prior to 4.6.10), you must upgrade to a supported K2 version to receive the code fix.

Is this change documented?

There is a KB article (KB001764) available describing the error message you receive when using the unsupported TLS 1.0 encryption method.
 
In addition, the product documentation describing the Salesforce integration configuration is updated with this information.
 
 
Please contact your K2 Account Manager if you have any questions.
 
K2 Product Team