Skip to Content

TLS version compatibility upgrade

Introduction

Harmony supports Transport Layer Security (TLS) 1.2 encryption, with limited backward compatibility with TLS 1.1 and TLS 1.0.

We recommend using TLS 1.2 with your endpoints where possible, as TLS 1.1 and TLS 1.0 are subject to security vulnerabilities and have been disabled in many systems.

In addition, using TLS 1.2 may be required in order to meet requirements for some endpoints. For example, starting in September 2019, Salesforce began disabling TLS 1.1 and requiring the TLS 1.2 version (see Salesforce Disabling TLS 1.1).

Tip

For additional details on how Jitterbit manages information security, see the Jitterbit security and architecture white paper.

TLS support in Jitterbit applications

Jitterbit cloud agents and web-based applications accessed through the Harmony portal already use TLS 1.2 automatically without user action. Cloud agents 10.47 and higher no longer support TLS 1.0 and TLS 1.1 with JDBC driver connections to database endpoints in Integration Studio (Database connection) and Design Studio (Database source and Database target).

If you have an older version of a locally installed Jitterbit application, you may need to upgrade the version in order to use TLS 1.2. Later versions of some Jitterbit applications may no longer be backward compatible with TLS 1.1 or TLS 1.0, as noted below. To check the version you are currently using, see Finding my Jitterbit version.

These are the minimum Jitterbit versions that support TLS 1.2 and instructions for upgrading:

  • Jitterbit cloud API gateway The Jitterbit cloud API gateway supports and requires TLS 1.2. TLS 1.1 and TLS 1.0 are no longer supported. Though we do not recommend it, if you require TLS 1.1 a Jitterbit private API gateway can be configured and used with TLS 1.1.

  • Jitterbit private agents
    Private agent versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:

    Private agent versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing TLSv1 or TLSv1.1 from the jdk.tls.disabledAlgorithms security property in the private agent java.security configuration file.

    The private agent java.security configuration file is located in these default directories:

    Windows
    C:\Program Files\Jitterbit Agent\jre\lib\security
    
    Linux
    /opt/jitterbit/jre/lib/security
    
  • Jitterbit Design Studio
    Design Studio versions 8.4 and later support TLS 1.2. For upgrade instructions, see these pages:

  • Jitterbit Data Loader
    Data Loader versions 8.16.13.1 and later support TLS 1.2. For upgrade instructions, see Upgrade Jitterbit Data Loader.

    Data Loader versions 10.47 and later no longer support TLS 1.0 and TLS 1.1 for JDBC driver connections to database endpoints by default. TLS 1.0 or 1.1 can be re-enabled (though not recommended) by removing TLSv1 or TLSv1.1 from the jdk.tls.disabledAlgorithms security property in the Data Loader java.security configuration file, which can be found at this default location:

    C:\Program Files (x86)\Jitterbit Cloud Data Loader\jre\lib\security
    
  • Jitterbit private API gateway
    Jitterbit private API gateway versions 8.14 and later support TLS 1.2. TLS 1.0 is no longer supported as of private API gateway version 10.3. For upgrade instructions, see Install a private API gateway.

  • Jitterbit version 5
    Legacy versions 5.5.2 and later support TLS 1.2.