United Kingdom Endpoint Management User Group

 View Only

  • 1.  Can a 6.0 SP3 PS function under TLS 1.1?

    Posted Dec 11, 2015 09:13 AM

    Hello all,

    One of my customers is looking at replacing SSL 3.0 with TLS 1.1 and would like to know if clients will be able to download packages from their PS's if the PS is using TLS 1.1? 

    Thanks in advance,

    SK.



  • 2.  RE: Can a 6.0 SP3 PS function under TLS 1.1?
    Best Answer

    Broadcom Employee
    Posted Dec 14, 2015 05:31 AM

    Hi,

    In the pure TLS 1.1 environment where all other protocols are disabled ("Enabled" = "0" in the registry) the client-server communications will not work. The Client transport implementation for version 6.0 uses only TLS 1.0 protocol and if it is forbidden to use then parties will fail the "hello cycle" and won't connect.Althought if the customer is trying to avoid usage of SSL 3.0 (like get rid of the POODLE threat) then it is possible to set-up the environment where SSL3.0 is strictly forbidden and TLS 1.0, 1.1 and 1.2 is allowed. In such an environment the Symantec client-server communication will work using TLS 1.0 protocol.

    The possibility to choose the TLS setting for client-server communications is added in ITMS 7.6 release.

    Regards,
    Roman.



  • 3.  RE: Can a 6.0 SP3 PS function under TLS 1.1?

    Posted Jan 19, 2016 03:13 AM

    Thank you.