Zoom disables TLS 1.0/1.1 for Cloud Room Connector
As part of Zoom’s ongoing efforts to strengthen data security, the Conference Room Connector (CRC) will be migrated to Transport Layer Security (TLS) 1.2+ over the next 12 months. The migration includes Zoom disabling the option for all SIP/H.323 devices to use TLS 1.0 and 1.1 for encryption as part of the migration process. The devices attempting to connect to a meeting that requires device encryption are affected by this change, which affects all SIP/H.323 devices. Zoom will impose this rule on all types of devices: both those managed via an API connector and those not managed by Zoom.
Zoom delayed implementing this cipher change for the CRC service in August 2019. This is because it wanted to give customers time to prepare their endpoints/devices and update the firmware on their devices prior to this cipher change.
How does this affect SIP/H.323 endpoints?
If you have “Require encryption for third-party endpoints (H323/SIP)” enabled in your Zoom account, the endpoint you want to use for Zoom meetings must be able to support TLS 1.2 or higher. A device that doesn’t support encryption, or doesn’t use TLS 1.1 or 1.0, fails to join the meeting and receives a message that the room system must use encryption for the endpoint to join the meeting.
We encourage our customers to update devices that rely on TLS 1.0 and 1.1 as soon as possible in preparation for this upcoming change if they have not already done so.
Retirement Timeline
| encryption protocol | retirement date |
| TLS 1.0 | November 6, 2020 |
| TLS 1.1 | March 28, 2021 |
