Enabling Transport Layer Security (TLS)

2021-10-05Last updated

The Transport Layer Security (TLS) 1.0 and 1.1 protocols have several major vulnerabilities, so they are disabled on Streamvault™ appliances. When a device enrolled in Security Center requires one of these protocols for communication, you must enable the protocol on your appliance.

What you should know

  • TLS 1.1 is disabled in Streamvault software image 16.3 and later.
  • TLS 1.0 is disabled in Streamvault software image 16.0 and later.
  • Only enable the version of TLS that is required by your device.
  • You must enable TLS on the server (incoming) and client (outgoing) nodes.
  • For security reasons, the Internet Properties options are disabled on appliances. For this reason, you can only enable TLS from the Windows Registry Editor.

Procedure

  1. Open Windows Registry Editor.
  2. Enable TLS 1.n, where n represents the minor version number:
    1. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.n.
    2. Select the Server node, set DisabledByDefault to 0, and set Enabled to 1.
    3. Select the Client node, set DisabledByDefault to 0, and set Enabled to 1.
  3. Restart Windows.