TLS 1.0 and TLS 1.1 are obsolete and insecure protocols and should be disabled on the WATS server. Contact virinco if you want to disable these protocols on your server.
WATS Client 5.x is based on .Net Framework 3.5 in order to support legacy client test software. The .NET framework version 3.5.1 and earlier versions did not provide support for applications to use Transport Layer Security (TLS) System Default Versions as a cryptographic protocol.
The following registry keys can be set to use the operating system defaults for SSL and TLS instead of the hardcoded .NET Framework defaults for a managed application running on the computer.
- For 64-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
For more info, see https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls#systemdefaulttlsversions
WATS Client 6.x and newer supports TLS 1.2 without user actions.
NOTE:
Windows 7 SP1 computers requires an additional procedure to enable TLS 1.2 support.
Per the TLS-SSL Settings article, for TLS 1.2 to be enabled and negotiated on Windows 7, you MUST create the "DisabledByDefault" entry in the appropriate subkey (Client) and set it to "0". These subkeys will not be created in the registry since these protocols are disabled by default.
- Create the necessary subkeys for TLS 1.2; create the DisabledByDefault DWORD values and set it to 0 in the following locations::
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
For more info, see https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi
Using the WATS TestStand add-on with TLS 1.2
TestStand does not seem to use the operating system defaults for SSL and TLS. Therefore, when using the WATS add-on for TestStand, the following registry keys can be set to make TestStand use the operating system defaults for SSL and TLS:
- For 64-bit operating systems with TestStand 32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 64-bit operating systems with TestStand 64-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
Using the WATS LabVIEW add-on with TLS 1.2
LabVIEW does not seem to use the operating system defaults for SSL and TLS. Therefore, when using the WATS add-on for LabVIEW, the following registry keys can be set to make LabVIEW use the operating system defaults for SSL and TLS:
- For 64-bit operating systems with LabView 32-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 64-bit operating systems with LabView 64-bit:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001 - For 32-bit operating systems:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
Comments
0 comments
Please sign in to leave a comment.