Closed

Closed due to inactivity. Received 33 votes with last vote on 18 Nov 2019.

Support for TLS 1.2

PCI compliance is driving this request for us to use TLS 1.2.

We had opened a case with you regarding this support.  # 1019445

Thank you.

Parents
  • TLS 1.2 is supported for Orion Platform 2017 and higher. To enable TLS 1.2, you need to enable in the registry to use TLS 1.2:

                        Restart is required for change to take effect. Run the following in PowerShell, then reboot system: (IIS Website already configured for STIG) IIS 8.5 web server session IDs must be sent to the client using TLS.                            

        1. New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -Force | New-ItemProperty -Name Enabled -Value 1 -Force | Out-Null 
        2. Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -Name "DisabledByDefault" -value 0 
      • Note: If you plan to use MS SQL with SSL enabled, please also apply TLS 1.2 Server to the MS SQL Server, and Client Registry settings below to the Solarwinds Server.
      • New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -Force | New-ItemProperty -Name Enabled -Value 1 -Force | Out-Null
      • Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -Name "DisabledByDefault" -value 0
      • You will also want to apply TLS 1.2 Client your client endpoint systems.
Comment
  • TLS 1.2 is supported for Orion Platform 2017 and higher. To enable TLS 1.2, you need to enable in the registry to use TLS 1.2:

                        Restart is required for change to take effect. Run the following in PowerShell, then reboot system: (IIS Website already configured for STIG) IIS 8.5 web server session IDs must be sent to the client using TLS.                            

        1. New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server' -Force | New-ItemProperty -Name Enabled -Value 1 -Force | Out-Null 
        2. Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server" -Name "DisabledByDefault" -value 0 
      • Note: If you plan to use MS SQL with SSL enabled, please also apply TLS 1.2 Server to the MS SQL Server, and Client Registry settings below to the Solarwinds Server.
      • New-Item 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client' -Force | New-ItemProperty -Name Enabled -Value 1 -Force | Out-Null
      • Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" -Name "DisabledByDefault" -value 0
      • You will also want to apply TLS 1.2 Client your client endpoint systems.
Children
No Data