Versions Compared

Old Version 1

changes.mady.by.user Kiss, Mate

Saved on

compared with

New Version Current

changes.mady.by.user Gabor Moczar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Status
subtletrue
colourGreen
titleAvailable in 9.4 and above

By default, all Verba services prefer TLS 1.2. For security or compliance reasons, administrators can choose to lock down the TLS version of the Verba system to 1.2, and therefore disable TLS 1.0 and TLS 1.1. This document provides an overview of how to enable TLS 1.2 and disable TLS 1.0 and 1.1 for the Verba product.

Use Verba v9.2 or later
ComponentHow to Configure TLS 1.2
Internal communication between Verba servers and components
  • Follow the information in the following article to disable TLS 1.0 and TLS 1.1 on Windows: https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings

    • Step 1 - Ensure that TLS 1.2 is not disabled on the Verba servers

    Step 2 - Open the Web Application and navigate to System\Servers and select the server

    Step 3 - Select the Change Configuration Settings tab, Server Certificate - Advanced TLS Settings node

    Step 4 - Set Enable TLSv1 and Enable TLSv1.1 to No, and Enable TLSv1.2 to Yes

    Step 5 - Save the changes and click on the click here link to apply the changes   

    Additional configuration for the following services:

    Verba Avaya DMCC/JTAPI Service
    Verba Cisco Central Silent Monitoring Service
    Verba Cisco Compliance Service
    Verba Cisco JTAPI Service

    Step 1 - Go to the Java home directory

    Step 2 - Open the conf/security/java.security or lib/security/java.security (JDK 8 and earlier) file using notepad with elevated permissions

    Step 3 - Change the jdk.tls.disabledAlgorithms property by appending ", TLSv1, TLSv1.1"
    As an example:
    jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL, TLSv1, TLSv1.1

    Step 4 - Save the changes

    Step 5 - Restart the impacted Verba Service

    HTTPS connection with the Web Application

    Follow the instructions on all Media Repository Servers:

    Step 1 - Go to C:\Program Files\Verba\tomcat\conf

    Step 2 - Create a backup of the server.xml file

    Step 3 -

     Open

     Open the server.xml file using notepad with elevated permissions

    Step 4 -

     Change

     Change the value of the SSLProtocol from "TLSv1+TLSv1.1+TLSv1.2" to "TLSv1.2"

    Step 5 - Save the changes

    Step 6 - Restart the Verba Web Application Service

    Encrypted SQL Server communication

    Follow the information in the following article: https://support.microsoft.com/en-gb/help/3135244/tls-1-2-support-for-microsoft-sql-server

    To enable encrypted communication with the SQL Server in Verba, follow Configuring encryption for database connections

    Communication between the installer and the Web Application during certificate generation
    From Verba v9.4, the

    The installer uses TLS 1.2 by default when requesting certificates from the Verba CA.