TLS Version Compatibility Upgrade

Introduction

Jitterbit Harmony supports Transport Layer Security (TLS) 1.2 encryption, with limited backward compatibility with TLS 1.1 and TLS 1.0.

We recommend using TLS 1.2 with your endpoints where possible, as TLS 1.1 and TLS 1.0 are subject to security vulnerabilities and have been disabled in many systems.

In addition, using TLS 1.2 may be required in order to meet requirements for some endpoints. For example, starting in September 2019, Salesforce began disabling TLS 1.1 and requiring the TLS 1.2 version (see Salesforce Disabling TLS 1.1).

TLS Support in Jitterbit Applications

Jitterbit Harmony Cloud Agents and cloud-based Harmony applications accessed through the Jitterbit Harmony Portal (Cloud Studio, API Manager, Citizen Integrator, and the Management Console) already use TLS 1.2 automatically without user action. Cloud Agents 10.47 and higher no longer support TLS 1.0 and TLS 1.1 with JDBC driver connections to database endpoints in Cloud Studio (Database Connection) and Design Studio (Database Source and Database Target).

If you have an older version of a locally installed Jitterbit application, you may need to upgrade the version in order to use TLS 1.2. Later versions of some Jitterbit applications may no longer be backward compatible with TLS 1.1 or TLS 1.0, as noted below. To check the version you are currently using, see Finding My Jitterbit Version.

These are the minimum Jitterbit versions that support TLS 1.2 and instructions for upgrading:

• Jitterbit Harmony Private Agents
  Private Agent versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:
  • Installing a Jitterbit Harmony Linux Agent
  • Installing a Jitterbit Harmony Windows Agent
  • Installing a Jitterbit Harmony Docker Agent
  Private Agent versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing TLSv1 or TLSv1.1 from the jdk.tls.disabledAlgorithms security property in the Private Agent java.security configuration file.

  The Private Agent java.security configuration file is located in these default directories:
  

  Windows

  C:\Program Files\Jitterbit Agent\jre\lib\security

  Linux

  /opt/jitterbit/jre/lib/security

• Jitterbit Harmony Design Studio
  Design Studio versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:
  • Installing Jitterbit Design Studio on macOS
  • Installing Jitterbit Design Studio on Windows
• Jitterbit Harmony Data Loader
  Data Loader versions 8.16.13.1 and later support TLS 1.2. For upgrade instructions, see Upgrading Jitterbit Data Loader.

  Data Loader versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing TLSv1 or TLSv1.1 from the jdk.tls.disabledAlgorithms security property in the Data Loader java.security configuration file, which can be found at this default location:

  C:\Program Files (x86)\Jitterbit Cloud Data Loader\jre\lib\security

• Jitterbit Private API Gateway
  Jitterbit Private API Gateway versions 8.14 and later support TLS 1.2. TLS 1.0 is no longer supported as of Private API Gateway version 10.3. For upgrade instructions, see Jitterbit Private API Gateway.
• Jitterbit Version 5
  Legacy versions 5.5.2 and later support TLS 1.2. For upgrade instructions, see Downloading and Installing Jitterbit Linux Server v5.x.