We wish to bring to your notice that due to a technical vulnerability with the SSL 3.0 protocol, Zoho CRM will stop extending support for it from November 30, 2014. As a result, you will have problems accessing Zoho CRM in the following cases:
- Your APIs use SSL 3.0 protocol to access Zoho CRM
- You use Zoho CRM Plug-in for Microsoft Outlook
In either case, we strongly recommend that you take the following measures to overcome this issue.
1. API users:
If you use APIs through SSL 3.0 protocol to access Zoho CRM, we insist that you switch to any of the following protocols right away so that you can continue to access Zoho CRM without hassles.
Following are the snippets that will need to be replaced:
.NET
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
.JAVA
SSLContext sslContext=SSLContext.getInstance("TLS");
PHP CURL
curl_setopt($curl, CURLOPT_SSLVERSION,1);
2. Users of Zoho CRM Plug-in for MS Outlook
The latest versions of Microsoft Outlook have already replaced SSL 3.0 with its TLS successors. Therefore we strongly recommend that you re-install the Zoho CRM Plug-in for Microsoft Outlook, so that you can continue to work with the plug-in without hassles.
Following are the links to re-install the plug-in for different versions of MS Outlook.
Besides these, Zoho CRM will no longer extend support to any browsers using SSL 3.0 protocol. In such a case, you will be prompted to update your browser to the appropriate latest versions.
If you fail to make these changes
before Nov 30, 2014, your API calls and Zoho CRM plug-in for MS Outlook will not work.
To know more about what's called the POODLE attack, check out the links below:
Take these measures right away so that you are not affected by this attack. We are here to help you if you have any questions.
Regards,
Vaagdevi Ravishankar