# Enable TLS 1.2 for Authorize.Net and Salesforce API calls
**by:** Shailesh Patel     **in:**  [General](https://www.systenics.com/blogs/category/general)     **tags:**  [*ASP.NET MVC*](https://www.systenics.com/blogs/tag/aspnet-mvc) ,  [*SalesForce*](https://www.systenics.com/blogs/tag/salesforce)
## Introduction

This tutorial explains how to enable TLS 1.2 for Authorize.Net and
Salesforce API calls. Authorize.Net and Salesforce have been preparing
for using TLS 1.1 or higher since past few months. Both of them have
changed their developer or sandbox accounts to use TLS 1.1 or higher or
TLS 1.2. Authorize.Net plans to switch production to TLS 1.2 by Sept 18,
2017 (refer
[this link](https://community.developer.authorize.net/t5/News-and-Announcements/Experiencing-Sandbox-Connection-Issues-TLS-1-2-Is-Now-Required/m-p/57948#M196)) and Salesforce is planning to switch to TLS 1.1 or higher by July 22,
2017 (refer
[this link](https://help.salesforce.com/articleView?%3Fd=701300000021Jky&eid=ss-tc&id=Salesforce-disabling-TLS-1-0&language=en_US&type=1)).

## Why You Need TLS 1.2?

If you are using developer sandbox account for Authorize.Net then you
may have noticed following exception message - “An unexpected error
occurred on a send” with inner exception as “Unable to read data from
the transport connection: An existing connection was forcibly closed by
the remote host.”

To solve this issue there are 2 options as mentioned in this
[Salesforce knowledge article](https://help.salesforce.com/articleView?%3Fd=701300000021Jky&eid=ss-tc&id=Salesforce-disabling-TLS-1-0&language=en_US&type=1):

### Option 1

Add following C# line:

```
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
```

before “var authRequest = new AuthorizeNet.AuthorizationRequest...”.

### Option 2

Instead of changing the source code and deploying the build, you try
this option which requires adding a registry value on your development /
test / production server.

Add a new DWORD “SchUseStrongCrypto” with value “1” for following
registry keys:

```
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
```

and

```
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319
```

Note: The above changes are applicable only if your application is using
.NET 4.5 or .NET 4.5.2. AuctionWorx uses .NET 4.5.2 and hence this
solution is best suited for it.

## Useful Links

One of the major reason for switching to TLS 1.2 is PCI compliance too.
For PCI compliance, we came across few articles which helps us to
configure server for compliance.

[IIS Crypto](https://www.nartac.com/Products/IISCrypto/Download) from Nartac Software

[TLS / SSL Settings from Microsoft TechNet (registry subkey to
disable TLS 1.0)](https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS10)

[Disabling TLS 1.0 on your Windows 2008 R2 server from MSDN Blogs](https://blogs.msdn.microsoft.com/friis/2016/07/25/disabling-tls-1-0-on-your-windows-2008-r2-server-just-because-you-still-have-one/)