https://community.sophos.com/on-premise-endpoint/f/sophos-enterprise-console/110913/sophos-sec-5-5-1---won-t-start-if-tls-1-0-is-disabledHi, We upgraded our Sophos SEC instance from 5.5.0 to 5.5.1 to support TLS 1.2. The database is on dedicated SQL server which supports TLS 1.2. When we disable TLS 1.0 (client/server) on the Sophos SEC server, the application cannot start. en-USTelligent Community 12https://community.sophos.com/thread/446098?ContentTypeID=1Mon, 31 Aug 2020 12:56:13 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:0bb45d73-2704-404f-8e3c-0d31592d8592Sean Davis<p>This helped me, thanks.&nbsp; But I found that the command fails unless I have explicitly enabled TLS 1.0.&nbsp; With that enabled, I successfully ran the command and saw the message:&nbsp; Encrypted connection to the SQL Server is established.&nbsp; Now that the connection config has been updated, I disabled TLS 1.0&nbsp;but subsequent start of SQL Server fails again.&nbsp; So apparently, I have to leave 1.0 enabled in order for Sophos SQL to use 1.2...</p> <p>It&#39;s great that Sophos will use TLS 1.2 but the point is to be able to disable TLS 1.0 and 1.1 altogether, right?&nbsp; Am I missing something else because this improves security of Sophos while still leaving my server vulnerable to TLS 1.0&nbsp;&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/397268?ContentTypeID=1Tue, 19 Feb 2019 16:39:03 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:4999fee0-d0be-4b2f-816c-4f5674ff8d3fDavid Lewis1<p>We were able to get the Sophos Enterprise Console to load with just TLS 1.2 enabled by doing the following:</p> <p>&nbsp;</p> <p>C:\sec_551\serverinstaller\checkdbconnection&gt; .\CheckDBConnection.exe -s&nbsp;&lt;SQL Server&gt;&nbsp;-t onfce -c &ndash;a &nbsp;(This &ndash;a flag tells the program to change the Db connection settings for Sophos).</p> <p>&nbsp;</p> <p>Hope this helps someone in the Interwebs.</p> <p>David</p><div style="clear:both;"></div>