TLS Version Compatibility Upgrade¶
Jitterbit Harmony supports Transport Layer Security (TLS) 1.2 encryption, with limited backward compatibility with TLS 1.1 and TLS 1.0.
We recommend using TLS 1.2 with your endpoints where possible, as TLS 1.1 and TLS 1.0 are subject to security vulnerabilities and have been disabled in many systems.
In addition, using TLS 1.2 may be required in order to meet requirements for some endpoints. For example, starting in September 2019, Salesforce began disabling TLS 1.1 and requiring the TLS 1.2 version (see Salesforce Disabling TLS 1.1).
For additional details on how Jitterbit manages information security, see the Jitterbit Security and Architecture White Paper.
TLS Support in Jitterbit Applications¶
Jitterbit Harmony Cloud Agents and cloud-based Harmony applications accessed through the Jitterbit Harmony Portal already use TLS 1.2 automatically without user action. Cloud Agents 10.47 and higher no longer support TLS 1.0 and TLS 1.1 with JDBC driver connections to database endpoints in Cloud Studio (Database Connection) and Design Studio (Database Source and Database Target).
If you have an older version of a locally installed Jitterbit application, you may need to upgrade the version in order to use TLS 1.2. Later versions of some Jitterbit applications may no longer be backward compatible with TLS 1.1 or TLS 1.0, as noted below. To check the version you are currently using, see Finding My Jitterbit Version.
These are the minimum Jitterbit versions that support TLS 1.2 and instructions for upgrading:
Jitterbit Cloud API Gateway The Jitterbit Cloud API Gateway supports and requires TLS 1.2. TLS 1.1 and TLS 1.0 are no longer supported. Though we do not recommend it, if you require TLS 1.1 a Jitterbit Private API Gateway can be configured and used with TLS 1.1.
Jitterbit Harmony Private Agents
Private Agent versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:
- Installing a Jitterbit Harmony Linux Agent
- Installing a Jitterbit Harmony Windows Agent
- Installing a Jitterbit Harmony Docker Agent
Private Agent versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing
jdk.tls.disabledAlgorithmssecurity property in the Private Agent
The Private Agent
java.securityconfiguration file is located in these default directories:Windows
C:\Program Files\Jitterbit Agent\jre\lib\securityLinux
Jitterbit Harmony Design Studio
Design Studio versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:
Data Loader versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing
jdk.tls.disabledAlgorithmssecurity property in the Data Loader
java.securityconfiguration file, which can be found at this default location:
C:\Program Files (x86)\Jitterbit Cloud Data Loader\jre\lib\security
Jitterbit Private API Gateway
Jitterbit Private API Gateway versions 8.14 and later support TLS 1.2. TLS 1.0 is no longer supported as of Private API Gateway version 10.3. For upgrade instructions, see Installing a Private API Gateway.
Jitterbit Version 5
Legacy versions 5.5.2 and later support TLS 1.2. For upgrade instructions, see Downloading and Installing Jitterbit Linux Server v5.x.