Support for TLS 1.0 and 1.1 will end in Azure and will be disabled 31 October 2024. For more info, see Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024
To avoid potential service disruptions please upgrade to WATS Client 6.1 or follow the guidelines explained below in this article.
WATS Client 5.x is based on .Net Framework 3.5 in order to support legacy client test software. The .NET framework version 3.5.1 and earlier versions did not provide support for applications to use Transport Layer Security (TLS) System Default Versions as a cryptographic protocol.
The following registry keys can be set to use the operating system defaults for SSL and TLS instead of the hardcoded .NET Framework defaults for a managed application running on the computer.
- For 64-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
For more info, see https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#systemdefaulttlsversions
WATS Client 6.x and newer supports TLS 1.2 without user actions.
NOTE:
Windows 7 SP1 computers requires an additional procedure to enable TLS 1.2 support.
Per the TLS-SSL Settings article, for TLS 1.2 to be enabled and negotiated on Windows 7, you MUST create the "DisabledByDefault" entry in the appropriate subkey (Client) and set it to "0". These subkeys will not be created in the registry since these protocols are disabled by default.
- Create the necessary subkeys for TLS 1.2; create the DisabledByDefault DWORD values and set it to 0 in the following locations::
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
For more info, see https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi
Using the WATS TestStand add-on with TLS 1.2
TestStand does not seem to use the operating system defaults for SSL and TLS. Therefore, when using the WATS add-on for TestStand, the following registry keys can be set to make TestStand use the operating system defaults for SSL and TLS:
- For 64-bit operating systems with TestStand 32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 64-bit operating systems with TestStand 64-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
Using the WATS LabVIEW add-on with TLS 1.2
LabVIEW does not seem to use the operating system defaults for SSL and TLS. Therefore, when using the WATS add-on for LabVIEW, the following registry keys can be set to make LabVIEW use the operating system defaults for SSL and TLS:
- For 64-bit operating systems with LabView 32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 64-bit operating systems with LabView 64-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
Testing if TLS 1.2 is enabled
To test if your machine is TLS 1.2 compliant you can run the following PS-script. Make sure to replace the server name from live to your wats-server name.
# Ensure the .NET Framework uses TLS 1.2
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
# Define the URL of the TLS 1.2 website you want to test
$uri = "https://live.wats.com" # Replace with the actual website URL
# Attempt to create a web request
try {
$request = [System.Net.WebRequest]::Create($uri)
$response = $request.GetResponse()
Write-Host "Connection successful. This application can connect to the TLS 1.2 website." -ForegroundColor Green
$response.Close()
} catch {
Write-Host "Connection failed. This application cannot connect to the TLS 1.2 website." -ForegroundColor Red
Write-Host "Error: $_" -ForegroundColor Yellow
}
Comments
0 comments
Please sign in to leave a comment.