SecureAuth version affected: All
Description:
SSL/TLS may need to be enabled/disabled due to environmental factors or restrictions throughout any given time through the server's lifespan.
Cause:
TLS versions may be turned off due to security server hardening or cipher/protocol lockdowns.
Resolution:
Enabled or disable TLS/SSL as needed be.
- Open up regedit.exe and navigate to the key location provided:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
- Once here, expand Protocols, there will be the following:
- To disable or enable a protocol, expand Server or Client, whichever you want to change and adjust the value to the following:
Binary:
0 - off
1 - on
Hexadecimal:
0x00000000 - off
0xffffffff - on (4294967295)
- Once the respective changes are made, restart the server for the registry to propagate.
Comments
Thanks Justin,
But we know how to do this,
But "can" we eliminate TLS 1.1 with SA SSO without affecting our end clients?
Ron
Ron
Please sign in to leave a comment.