By default Applixure Agent's Windows version will enable TLS 1.2 for all HTTPS communications with the Applixure cloud platform as of Agent version released on May 27th 2018, given that all of the pre-requisites for using TLS are met.
This article will give you a guidance on verifying that those pre-requisites are met. If Applixure Agent is unable to detect conditions to be true it will use the default TLS level of 1.0, depending on the circumstances and the Windows version.
Background
Both Windows operating system itself, and the .NET Framework version(s) installed on it have their own specific version requirements for applications to use TLS 1.2. As Applixure Agent for Windows is running on top of .NET, both of these requirements must be met in order to Agent to be able to use TLS 1.2 instead of older versions.
TLS support in Windows
For Windows, TLS 1.2 support became available for SCHANNEL component (handling the cyrptography behind HTTPS connection when using Windows API for communication) with Windows 7. For Windows XP and Vista, enabling TLS 1.2 is not possible and Applixure Agent will keep using TLS 1.0 on those platforms for as long as it is still supported by Applixure Agent.
For newer Windows versions up until Windows 10, TLS 1.2 is supported by the operating system.
TLS support in .NET Framework
For Microsoft .NET Framework, support for using TLS 1.2 protocol became available with the version 4.5.
First version of Windows shipping with .NET 4.5 out of the box was Windows 8, all older operating system versions or releases would require explicit installation of the 4.5 (or newer) of .NET Framework. As Framework versions are cumulative, installation of the newest one (4.7.2 at the time of writing) is sufficient.
Applixure Agent's requirements for TLS 1.2
Upon starting, Applixure Agent for Windows will try to detect both the operating system's and installed .NET Framework's support for TLS 1.2 before enabling it.
If Windows version Agent is running on is Windows 8 (or newer), the operating system is assumed to have support for TLS 1.2 without further checks.
After checking Windows version and its eligibility for supporting TLS 1.2 protocol, Applixure Agent will also check what .NET Framework is installed on the system and thus which runtime is executing the Agent's code. If Applixure detects that the newest .NET Framework currently installed is older than 4.5, it will assumme that TLS 1.2 cannot be used.
Only if both of these checks clear, then Applixure Agent will by default enable/force TLS 1.2 to be used for all Agent's communication.
0 Comments