RDO Servers
New member
- Joined
- Apr 3, 2015
- Messages
- 770
- Points
- 0
We have a customer that has a PCI compliant server cluster. We recently made a move to fully disable TLS v1 (Transport Layer Encryption, the successor to SSL) since it will no longer be considered PCI compliant as of June 2016.
After doing so, we learned 2 interesting thing.
A) Even though Windows 7 "includes" and "supports" TLS, it is disabled by default. In order to to use the most current and secure TLS in Windows 7, you have to add the following registry keys.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
B) Aparently, Apple has decided to disable TLS support on the iPhone and iPads....
We have been working to find the reason we are unable to connect via a iPad or iPhone once TLS v1 is disabled. After speaking to a Apple online tech, we were told that this week, Apple pushed out an update that disabled TLS support.....
Has anyone else run into this issue?
After doing so, we learned 2 interesting thing.
A) Even though Windows 7 "includes" and "supports" TLS, it is disabled by default. In order to to use the most current and secure TLS in Windows 7, you have to add the following registry keys.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
B) Aparently, Apple has decided to disable TLS support on the iPhone and iPads....
We have been working to find the reason we are unable to connect via a iPad or iPhone once TLS v1 is disabled. After speaking to a Apple online tech, we were told that this week, Apple pushed out an update that disabled TLS support.....
Has anyone else run into this issue?
