Applies To:
CPQ
Summary:
Unable to log into CPQ via Salesforce after upgrading TLS to a version above 1.0
Details:
If you update SFDC to use a TLS version above 1.0, unfortunately CPQ does not support yet (to be supported in CPQ version 2016.2). You should be unable to switch into CPQ from Salesforce even though you can directly log into CPQ if using your standard CPQ application URL (sandbox.webcomcpq.com, webcomcpq.com, etc), username, and password.
We have a fix in place for CPQ 2016.2 release to address this issue, but in the meantime, please continue to use TLS 1.0 in your SFDC environment.
The SFDC TLS 1.0 change isn't going to be mandatory until June according to the following article:
https://help.salesforce.com/apex/HTViewSolution?id=000221207
TLS 1.1 SWITCH DATES AS MANDATED BY SALESFORCE:
- Sandbox - June 25, 2016, at 9:30 AM PDT (16:30 UTC)
- Production - March 4, 2017, at 9:30 AM PST (17:30 UTC)
- login.salesforce.com, other services Early 2017
Callidus CPQ is targeted to be TLS 1.1 compatible before the June 25th, 2016 date.
Solution/Workaround:
In the meantime, here is how to turn off TLS 1.1 or to downgrade:
In Salesforce go to setup > develop > Critical updates. On that page, select deactivate "Require TLS 1.1 or higher for HTTPS connections".
References:
SC30228375
https://help.salesforce.com/apex/HTViewSolution?id=000221207