{"type":"doc","content":[{"type":"layoutSection","marks":[{"type":"breakout","attrs":{"mode":"full-width"}}],"content":[{"type":"layoutColumn","attrs":{"width":66.66},"content":[{"type":"paragraph","content":[{"text":"In order to use ","type":"text"},{"text":"Transport Layer Security","type":"text","marks":[{"type":"textColor","attrs":{"color":"#222222"}}]},{"text":" (TLS) with EmpowerID, you must apply Microsoft patches to the SQL server and client machines, and add registry settings to the EmpowerID server and client machines.","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Prerequisites","type":"text"}]},{"type":"paragraph","content":[{"text":"The .NET Framework version 4.5 or higher must be installed on the EmpowerID server.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"To configure the EmpowerID server machine","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"From the Start menu, open the Registry Editor (regedit).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Expand the Computer node and navigate to:","type":"text"}]},{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\.NETFramework\\v4.0.30319","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Right-click the v4.0.30317 key and select ","type":"text"},{"text":"New","type":"text","marks":[{"type":"strong"}]},{"text":", then ","type":"text"},{"text":"DWORD (32-bit) Value","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"}]},{"type":"mediaSingle","attrs":{"layout":"align-start"},"content":[{"type":"media","attrs":{"width":877,"id":"8e563e10-31d8-479e-93a8-91d87863a275","collection":"contentId-287539203","type":"file","height":667}}]},{"type":"paragraph","content":[{"type":"hardBreak"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the Name to ","type":"text"},{"text":"SchUseStrongCrypto","type":"text","marks":[{"type":"strong"}]},{"text":" and the Value data to ","type":"text"},{"text":"1","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"}]},{"type":"mediaSingle","attrs":{"layout":"align-start"},"content":[{"type":"media","attrs":{"width":331,"id":"7546a13a-4c79-4fb4-847d-4da48545d611","collection":"contentId-287539203","type":"file","height":199}}]},{"type":"paragraph","content":[{"type":"hardBreak"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Navigate to:","type":"text"}]},{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\.NETFramework\\v4.0.30319","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Again, right-click the v4.0.30317 key and select ","type":"text"},{"text":"New","type":"text","marks":[{"type":"strong"}]},{"text":", then ","type":"text"},{"text":"DWORD (32-bit) Value","type":"text","marks":[{"type":"strong"}]},{"text":", and add the same subkey: ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Value name: SchUseStrongCrypto","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Value data: 1","type":"text"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"To configure the SQL Server machine","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"See the following information from Microsoft:","type":"text"},{"type":"hardBreak"},{"text":"https://support.microsoft.com/en-us/help/3135244/tls-1.2-support-for-microsoft-sql-server","type":"text","marks":[{"type":"link","attrs":{"href":"https://support.microsoft.com/en-us/help/3135244/tls-1.2-support-for-microsoft-sql-server"}}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"From that page, download and install the appropriate patch for your SQL Server version.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"To update protocols on the EmpowerID server machine","type":"text"}]},{"type":"paragraph","content":[{"text":"This step disables insecure protocols on the EmpowerID server.","type":"text"}]},{"type":"panel","attrs":{"panelType":"error"},"content":[{"type":"paragraph","content":[{"text":"If you perform this step ","type":"text"},{"text":"before","type":"text","marks":[{"type":"em"}]},{"text":" installing the SQL patch, the EmpowerID server machine will no longer be able to communicate with the SQL Server.","type":"text"}]}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Download and run the GUI version of IIS Crypto 2.0:","type":"text"},{"type":"hardBreak"},{"text":"https://www.nartac.com/Products/IISCrypto/Download","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.nartac.com/Products/IISCrypto/Download"}}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"On the ","type":"text"},{"text":"Schannel","type":"text","marks":[{"type":"em"}]},{"text":" tab that appears by default, under ","type":"text"},{"text":"Protocols","type":"text","marks":[{"type":"strong"}]},{"text":", clear all checkboxes ","type":"text"},{"text":"except","type":"text","marks":[{"type":"em"}]},{"text":" for ","type":"text"},{"text":"TLS 1.1","type":"text","marks":[{"type":"strong"}]},{"text":" and ","type":"text"},{"text":"TLS 1.2","type":"text","marks":[{"type":"strong"}]},{"text":" so that it looks like this:","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"}]},{"type":"mediaSingle","attrs":{"layout":"align-start"},"content":[{"type":"media","attrs":{"width":886,"id":"61a86b1f-c631-4c50-b2d3-5254e5c19280","collection":"contentId-287539203","type":"file","height":693}}]},{"type":"paragraph","content":[{"type":"hardBreak"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Apply","type":"text","marks":[{"type":"strong"}]},{"text":" and restart the EmpowerID server.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"To configure the client machine","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"On the client machine, download and install the appropriate patch for the Windows 7 or 2012 R2 machine:","type":"text"},{"type":"hardBreak"},{"text":"https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1.1-and-tls-1.2-in-windows-7-or-windows-server-2008-r2","type":"text","marks":[{"type":"link","attrs":{"href":"https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1.1-and-tls-1.2-in-windows-7-or-windows-server-2008-r2"}}]},{"type":"hardBreak"},{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.migration","extensionKey":"__confluenceADFMigrationUnsupportedContentInternalExtension__","text":"","parameters":{"cxhtml":"

You only need to install this patch on Windows 7 or Windows 2012 R2 client machines from which the user wants to connect remotely using Privileged Session Manager (PSM) to a machine with TLS 1.x.

","block-inline":true,"nestedContent":{"type":"doc","content":[{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"You only need to install this patch on Windows 7 or Windows 2012 R2 client machines from which the user wants to connect remotely using Privileged Session Manager (PSM) to a machine with TLS 1.x. ","type":"text"}]}]}],"version":1},"reason":"You won't lose any content when the page is converted, but it'll look like this since a note macro in a list item can't be created or edited in the new editor."}}}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"From the Start menu, open the Registry Editor (regedit).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Expand the Computer node and navigate to:","type":"text"}]},{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1\\Client\n\n","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.migration","extensionKey":"__confluenceADFMigrationUnsupportedContentInternalExtension__","text":"","parameters":{"cxhtml":"

If the TLS 1.1 or Server or Client subkeys do not exist under the Protocols key, add them by right-clicking the parent key and selecting New, then Key, and entering the key name.

","block-inline":true,"nestedContent":{"type":"doc","content":[{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"If the TLS 1.1 or Server or Client subkeys do not exist under the Protocols key, add them by right-clicking the parent key and selecting ","type":"text"},{"text":"New","type":"text","marks":[{"type":"strong"}]},{"text":", then ","type":"text"},{"text":"Key","type":"text","marks":[{"type":"strong"}]},{"text":", and entering the key name.","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.migration","extensionKey":"inline-media-image","parameters":{"width":"","id":"e2e3eb06-0e1b-48dd-9471-6f0ea505fa76","collection":"contentId-287539203","height":"250"}}}]}]}],"version":1},"reason":"You won't lose any content when the page is converted, but it'll look like this since an info macro in a list item can't be created or edited in the new editor."}}}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Right-click ","type":"text"},{"text":"Client","type":"text","marks":[{"type":"strong"}]},{"text":", select ","type":"text"},{"text":"New","type":"text","marks":[{"type":"strong"}]},{"text":", then ","type":"text"},{"text":"DWORD (32-bit) Value","type":"text","marks":[{"type":"strong"}]},{"text":", and set the Value name to ","type":"text"},{"text":"DisabledByDefault","type":"text","marks":[{"type":"strong"}]},{"text":". (Leave the Value data to the default value of ","type":"text"},{"text":"0","type":"text","marks":[{"type":"strong"}]},{"text":".)","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"}]},{"type":"mediaSingle","attrs":{"layout":"align-start"},"content":[{"type":"media","attrs":{"width":877,"id":"f81f23d4-41f7-449e-88dd-7e9d9cb3d301","collection":"contentId-287539203","type":"file","height":667}}]},{"type":"paragraph","content":[{"type":"hardBreak"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Repeat for each of the following keys:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1\\Server","type":"text"}]}]},{"type":"listItem","content":[{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Client","type":"text"}]}]},{"type":"listItem","content":[{"type":"codeBlock","content":[{"text":"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2\\Server","type":"text"}]}]}]}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"extension","attrs":{"extensionType":"com.atlassian.confluence.macro.core","extensionKey":"com-addonengine-macrotoolboxforcloud-macros-heading-expand","parameters":{"macroParams":{"style":{"value":"Heading 2"},"title":{"value":"Related Content"}},"macroMetadata":{"schemaVersion":{"value":"1"},"title":"com-addonengine-macrotoolboxforcloud-macros-heading-expand"}}}},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"layoutColumn","attrs":{"width":33.33},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]}],"version":1}

Browser not supported