Retiring Weak TLS Cipher Suites | Zoho Creator Help

Retiring Weak TLS Cipher Suites | Zoho Creator Help

Hello everyone,

Greetings from Zoho Creator! Security is at the heart of everything we do, and we're continuously working to ensure our platform meets the highest standards. As part of this commitment, Zoho Creator will stop supporting older browsers and API clients that rely on weak security protocols (known as weak TLS cipher suites). 

To check if your setup is affected, simply visit https://tlstest.zoho.com/api. If the result shows "Strong cipher", you're all set and no action is needed.

What does this mean for you?

If you're using a modern, up-to-date browser (such as the latest versions of Chrome, Firefox, Safari, or Edge) or an API client, you're already good to go. No action is needed.

However, if you or your end users are still using older browsers or API clients, access to Zoho Creator could be interrupted once this change takes effect. The fix is simple: Upgrade to the latest version of your browser or API client.

What are API clients?

API clients are tools or applications that interact with Zoho Creator programmatically—for example, tools like Postman, custom scripts, or third-party integrations that connect to Creator via APIs. If you're using any such tools, please ensure they're updated to their latest versions.

When does this take effect?

This change will come into effect across all Zoho Creator data centers on June 30, 2026.

For the technically curious

For those who'd like to understand the specifics, after June 30, 2026, only the following strong TLS cipher suites will be supported:
TLS 1.2
  1. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  2. TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  3. TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  4. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  5. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  6. TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS 1.3
  1. TLS_AES_256_GCM_SHA384
  2. TLS_CHACHA20_POLY1305_SHA256
  3. TLS_AES_128_GCM_SHA256
For detailed information on this change, please visit our blog at https://www.zoho.com/blog/general/retiring-weak-tls-cipher-suites.html.

A note for our Partners 
Please ensure your customers and end users are informed about this change. If anyone encounters access issues after June 30, 2026, please keep in mind the resolution in most cases is as simple as upgrading to a modern browser or API client.

If you have any questions or need assistance, please don't hesitate to reach out to our support team. We're here to help.

Regards, 
The Zoho Creator Team