Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 1 subscriber
  • Views 2615 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos SEC 5.5.1 - won't start if TLS 1.0 is disabled

David Lewis1

Hi,

 

 We upgraded our Sophos SEC instance from 5.5.0 to 5.5.1 to support TLS 1.2. The database is on dedicated SQL server which supports TLS 1.2.

 

When we disable TLS 1.0 (client/server) on the Sophos SEC server, the application cannot start.

 

We saw online that Sophos looks for the explicit registry settings defining TLS 1.2 client/server as enabled and TLS 1.0/1.1 client/server disabled before it uses TLS 1.2. (

https://community.sophos.com/kb/en-us/127521)

 

We added these registry settings this morning, rebooted and Sophos cannot start again.  It starts once we re-enable TLS 1.0 client/server on Sophos SEC server.

 

How should we proceed?

 

Thanks,

David

 



This thread was automatically locked due to age.
Parents
  • 0

    We were able to get the Sophos Enterprise Console to load with just TLS 1.2 enabled by doing the following:

     

    C:\sec_551\serverinstaller\checkdbconnection> .\CheckDBConnection.exe -s <SQL Server> -t onfce -c –a  (This –a flag tells the program to change the Db connection settings for Sophos).

     

    Hope this helps someone in the Interwebs.

    David

Reply
  • 0

    We were able to get the Sophos Enterprise Console to load with just TLS 1.2 enabled by doing the following:

     

    C:\sec_551\serverinstaller\checkdbconnection> .\CheckDBConnection.exe -s <SQL Server> -t onfce -c –a  (This –a flag tells the program to change the Db connection settings for Sophos).

     

    Hope this helps someone in the Interwebs.

    David

Children
No Data
Unfiltered HTML