You are viewing limited content. For full access, please sign in.

Question

Question

TLS 1.2 support for mobile

Forms Mobile
Updated October 16, 2019
asked on July 2, 2019 Show version history

Hello, 

 

Can someone please provide an update when TLS 1.2 will be supported for the mobile app to work with Forms? SSL 3.0 is not an acceptable protocol to a growing number of customers, and we really need the TLS 1.2 upgrade. Until this is made available the mobile is unfortunately going to go unused, but is a vitally important component to the Laserfiche suite, and would be great to get this working. Thanks in advance. 

 

Brian

1 0

Replies

replied on July 16, 2019

Hello Brian,

 

Apologies for the delayed response. Mobile App should already support TLS1.2 in general, but your request needs a bit more coordination between Forms and Mobile. The work is scheduled and targeted for 10.4.2, i.e. October 2019. 

 

Thank you!

Hui

0 0
replied on July 16, 2019

What version of Forms and Mobile are you running? The currently released version (10.4.1) of both Forms and Mobile should support TLS 1.2 if the proper registry keys are changed. 

See documentation here for details. Specifically, you need to follow the sections for Turn on TLS 1.2, and Block RC4 in .NET TLS

We will be enhancing support in 10.4.2 so TLS 1.2 will be supported without registry updates. 

0 0
View 3 previous replies
replied on July 17, 2019

Hi Jared,

 

Thanks for the response.

Just to clarify since Hui said that the work is not scheduled until 10.4.2, if these registry changes are made, does this enable Mobile with Forms to use TLS 1.2 as well? Or is this only in reference to Mobile using TLS 1.2 and Forms using TLS 1.2 in general?  

0 0
replied on August 16, 2019

Troubleshooting this has been moved to a support case, but I wanted to provide an update for other that might see this post.

Earlier this year, both Mobile and Directory Server released their fix for TLS 1.2, though Mobile had a bug that can be resolved manually as described in KB: 1014072.

 

The work for 10.4.2 Hui was referring to is

  1. Supporting TLS 1.2 for SSO authentication through Directory Server when applications are in the DMZ
  2. Updating our core products to avoid use the documented manual change to use TLS 1.2
  3. A few bugfixes in some of our smaller applications (such as web scanning)
0 0
replied on October 3, 2019

Is #2 in your list still slated for the 10.4.2 release? I didn't see anything on the roadmap talking about TLS 1.2, so I wanted to check.

0 0
replied on October 16, 2019

Hello all,

I upgraded  LFDS from 10.3.1 to 10.4.2.10 still I face the issue related to TLS 1.0 and TLS 1.1 as per the customer IT policy only TLS 1.2 allowed to enable.

Does the coming release solve this issue?

 

0 0
replied on October 16, 2019

As a note, the LFDS version number is one off from the overall suite: LFDS will be releasing 10.4.3 with "Laserfiche 10.4.2", which still is the release that is coming out this quarter.


The upcoming release still has fixes planned for TLS 1.2, including a bug fix for Mobile specifically.

What products/areas are you still having issues with?

0 0
replied on October 16, 2019

Web Client and Mobile 

0 0
replied on July 16, 2019

Thanks, everyone. I appreciate the feedback and workaround. I'll check it out.

 

I should have clarified that this issue is for using Forms with the Mobile app. Sorry for any confusion.

 

Thanks,

Brian

0 0
replied on July 16, 2019

We were just informed yesterday that Forms is still dependent on TLS 1.0/1.1.  We have a customer that has been fighting to get Forms, Web Client, and Mobile configured in a DMZ with TLS 1.0/1.1 disabled.  Initially, we were told that release of 10.4.2 would resolve the issues, but after weeks of battling the configuration, we were finally informed that while 10.4.2 LFDS and LFDSSTS are built on .Net 4.7.2 and are no longer dependent, that the other products still require it.

0 0
replied on July 16, 2019

Forms 10.4.2 will also update .Net to 4.7.2 to follow suit.

In many cases, Forms 10.4.1 will work with TLS 1.2 if the registry is properly updated (as documented in my post above). For the case where LFDSSTS uses an alternative service with a certificate (like when it's in the DMZ), it is required to use .Net 4.7.2. For this setup, it will be supported with Forms 10.4.2. 

1 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...