TLS 1.2 Support
 
Notifications
Clear all

TLS 1.2 Support

9 Posts
2 Users
0 Reactions
2,428 Views
Posts: 138
Topic starter
(@enguard)
Estimable Member
Joined: 6 years ago

SolidCP does not work with TLS 1.2. It seems to be using older SSL or TLS 1.0 or TLS 1.1 ciphers.

Can you please add support for TLS 1.2 and TLS 1.3 in the future?

8 Replies
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

Hello,

As far as i am aware SolidCP has no cipher configuration and is simply using the ciphers and tls versions configured on the servers.

If you configured your server(s) ciphers and tls idential (all Portal / Enterprise / Servers servers SolidCP is on) it should be fine communicating to all SolidCP modules.

That being said it will only work with TLS 1.2 not 1.3 asfar as i am aware Windows servers (and it's components such as schannel) do not support TLS 1.3 yet.

Regards,

Marco

Reply
Posts: 138
Topic starter
(@enguard)
Estimable Member
Joined: 6 years ago

Examples:

  1. SMTP Server Settings > Enable SMTP SSL does not work
  2. SmarterMail Web Services URL: https://domain.com/services/ does not work

The destination server has to have TLS 1.0 or TLS 1.1 enabled in order for SolidCP to be able to talk to it. It works fine when we have these enabled, but we are moving with the rest of the industry to use TLS 1.2 only.

The current workaround is using no encryption at all.

Examples:

  1. SMTP Server Settings > Don't check enable SMTP SSL and using an IP address for the mail server, instead of a hostname
  2. SmarterMail Web Services URL: http://domain.com/services/
Reply
Posts: 138
Topic starter
(@enguard)
Estimable Member
Joined: 6 years ago

Here is the error when using TLS1.2 only on a Smartermail Server:

System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Could not get mailbox ---> The underlying connection was closed: An unexpected error occurred on a receive. ---> The client and server cannot communicate, because they do not possess a common algorithm
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at SolidCP.EnterpriseServer.esMailServers.GetMailAccount(Int32 itemId)
at SolidCP.Portal.MailAccountsEditAccount.BindItem()

Reply
Posts: 138
Topic starter
(@enguard)
Estimable Member
Joined: 6 years ago

Upon further testing, confirming SolidCP only works with external servers and TLS 1.0 enabled on that server.

It does not work with TLS 1.1 or TLS 1.2 enabled on the external server.

Sorry I should have been more clear on my initial post.

Reply
Page 1 / 2
Share: