We just installed a new MailCleaner cluster witch version 2018.06.
When i add the master host to my SolidCP i get the following error when adding a domain or creating a organisation:
The request was aborted: Could not create SSL/TLS secure channel.
I configured the following URL as MailCleaner API URL : https://192.168.10.1/
Please advise how to fix this.
Did you allow IP based access on the MC api config?
yes i did allow the enterprise server IP to access the API on the MC.
I even tryed to give the full /24 access to it.
I’m not sure then. (as thats really all it needs other then ofcourse a certificate).
I have not tested 06-2018 version yet though, and i do see in their change log “Fixes in the REST API”.
Which might mean something has been changed to break functionality.
For that i can’t say much more untill i had some time to test the 06-2018 version.
It seems a to be a problem with the TLS version. SolidCP Enterprise does a TLS1 request to MC (found this witch WireShark). But MC only accepts TLS 1.2 requests. I already tryed to change this in the configuration of MC but i did not succeed.
When opening the url https://mcaddress/api/domain/add/name/domein.ext from the browser it works fine.
You can set SSL configs in windows (both client and server side)
I would recommend configuring them to the current day standards.
I already did, but it keeps requesting with TLS1
Maybe hardcoded within de module?
I do not think the source has any form of TLS set in it’s connection, so it should be using what the server is configured for.
Did you do an reboot after changing the SSL config’s?
Yes i did reboot the server, TLS1.2 is enabled.
To force IIS using only TLS1.2 i have to disable 1 and 1.1 but when i do this SQL server is not starting anymore as it requires TLS 1.0
Is is possible to force SolidCP to use TLS1.2?
What version of MSSQL is it and have you applied the latest cumulative update? CU’s Contain fixes to address TLS 1.2 connections.
- Views1014 times
- Answers10 answers