Hello,
The
Zoho Marketing Automation team here with an important security update. Keeping
your data safe is something we take seriously, and as part of our
ongoing efforts to strengthen platform security, Zoho Marketing Automation will
stop supporting older browsers and API clients that rely on weak
security protocols (known as weak TLS cipher suites).
To check if your setup is affected, simply visit https://tlstest.zoho.com/api. When
you open the link, you'll get a short message. If it says Strong
cipher, you're good. If it says Weak cipher, it's time to update.
What does this mean for you?
If
you're using a modern, up-to-date browser (such as the latest versions
of Chrome, Firefox, Safari, or ChatGPT Atlas) or an API client, you're
already good to go. No action is needed.
However,
if you or your end users are still using older browsers or API clients,
access to Zoho Marketing Automation could be interrupted once this change takes
effect. The fix is simple: Upgrade to the latest version of your browser or API client.
When does this take effect?
This change will come into effect across all Zoho Marketing Automation data centers on June 30, 2026.
What are API clients?
API
clients are tools or applications that interact with Zoho Marketing Automation programmatically, for example, tools like Postman, custom scripts, or
third-party integrations that connect to Zoho Marketing Automation via APIs. If
you're using any such tools, please ensure they're updated to their
latest versions.
What is TLS, and why does it matter?
TLS
is the technology that creates a secure, encrypted connection between
your browser or app and the websites and services you use. Think of it
as the lock on a digital door. Over time, some older lock designs have
become easier for attackers to break. This update means Zoho Marketing
Automation will only accept connections through newer, stronger locks,
keeping your
data and your contacts' data better protected.
Under the hood: what's changing
For
those who'd like to understand the specifics, after June 30, 2026, only
the following strong TLS cipher suites will be supported:
TLS 1.2
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS 1.3
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_GCM_SHA256
Partners: help us pass this along
Please
ensure your customers and end users are informed about this change. If
anyone encounters access issues after June 30, 2026, please keep in mind
the resolution in most cases is as simple as upgrading to a modern
browser or API client.
Regards,
The Zoho Marketing Automation Team