Articles Tagged 'tls'

Articles
Hardening SSL on IIS 6 - IIS 7

If you are running a web application (such as SpiraTest, SpiraPlan, SpiraTeam or KronoDesk) on an IIS web server using Secure Sockets Layer (SSL), you will want to harden the environment by removing the older versions of SSL and TLS that are no longer considered secure.

These steps apply to:

  • Windows Server 2003 R1 & R2
  • Windows Server 2008 R1 & R2

Usually Windows Server 2012 and later are already configured to be secure.

Defaulting Your System to use TLS 1.2 for .NET Applications

As you move your web applications (such as SpiraTest, SpiraTeam, SpiraPlan, or KronoDesk) to newer encryption protocols such as Transport Layer Security (TLS) 1.2, you will need to make sure the client applications are configured to use the latest version of TLS. Specifically applications using Microsoft .NET may not use the latest version by default.

Enable TLS 1.2 in Internet Explorer 8, 9 or 10

If you have disabled TLS 1.0 and 1.1 encryption protocols on your IIS web server, you may run into issues accessing the web interface of Spira or KronoDesk from older versions of Windows and/or IE.