Article ID: 1162
Last updated: 22 Apr, 2019
The Riva synchronization service uses the TLS 1.0 mechanism by default and does not allow the older SSL v3. Riva does not connect to a host that supports only SSL v3, unless Riva is specifically reconfigured to use SSL v3. (See Set a specific security protocol.) Contents
Which Version of TLS Does Riva Use by Default?Newer versions of Riva automatically enable the newer versions of TLS, as long as they are supported by the underlying operating system. If the system requirements for newer versions of TLS have been met, the following versions of Riva auto-enable support for TLS 1.2, TLS 1.1 and TLS 1.0:
Previous versions: For prior versions of Riva up to and including 2.4.38, all connections are made by using TLS 1.0. If you require TLS 1.2 or TLS 1.1, do as follows:
Which Security Protocol Types Does Riva Support?Riva uses the Microsoft .NET Framework as the underlying technology framework. This framework leverages the Microsoft Security Support Provider Interface (SSPI), which defines the secure channel sub-system of the underlying Windows operating systems. Secure Channel, also known as Schannel, is a security support provider (SSP) that contains a set of security protocols that provide identity authentication and secure, private communication through encryption. Schannel is primarily used for Internet applications that require secure Hypertext Transfer Protocol (HTTP) communications. Both Secure Sockets Layer Protocol (SSL) and Transport Layer Security Protocol (TLS) are supported by Windows and, therefore, are compatible with Riva. For a list of supported TLS 1.0 cipher suites for Windows Server 2008/Vista, see Cipher Suites in Schannel. The following operating systems do not support TLS 1.2 or TLS 1.1: Windows 2003 and Windows XP. For a full breakdown of secure libraries and their supported protocols, see this Wikipedia article.
Set a Specific Security ProtocolBy default, the Riva synchronization process uses the TLS 1.0 security protocol. To force Riva to use a specific security protocol
If the following error is received: "System.NotSupportedException: The requested security protocol is not supported.", use the named parameters instead of the numeric values. Determine Which Versions of SSL/TLS Are Enabled on a Target HTTPS HostIf the host is connected to the internet and can receive HTTPS communication, a simple way to determine which security protocols are supported by the host is to run an SSL Test. See https://www.ssllabs.com/ssltest/. Related ArticlesHow to Determine the Cipher Suite for the Server and Client - http://support.microsoft.com/kb/299520 Update adds new TLS cipher suites and changes cipher suite priorities in Windows 8.1 and Windows Server 2012 R2 - http://support.microsoft.com/kb/2929781 Test: SSL/TLS Capabilities of Your Browser - https://www.ssllabs.com/ssltest/viewMyClient.html
This article was:
Helpful |
Not helpful
Report an issue
Article ID: 1162
Last updated: 22 Apr, 2019
Revision: 10
Views: 9638
Comments: 0
Also listed in
|