How to Enable TLS 1.2 on Windows 7 and Windows 8?
Question
How to Enable TLS 1.2 on Windows 7 and Windows 8?
Answer
TLS 1.2 and newer versions have been the de facto recommendation for quite some time, and almost all latest operating systems are already configured to support version 1.2 or higher out-of-the-box and would usually not require any change. O
n devices running legacy operating systems like Windows 7 and Window 8, the ISA User Portal may be inaccessible and the ISA User Agents may be unable to connect. This would affect the ability of end-users to access corporate applications using the ISA solution.
Here are the steps to Enable TLS 1.2 on Windows 7 and Windows 8:
Step 1. Ensure Windows 7 devices have Service Pack 1 (SP1) installed
Step 2. Download and run this Registry Patch File in an Elevated Admin Command Prompt on Windows 7 and Windows 8 devices that will automatically set all the registry keys with a single click
Step 3. Install the Windows Update KB3140245 Security Patch
Step 3. Install the Windows Update KB3140245 Security Patch
Step 4. Perform a system Restart
Additional Information
The TLS 1.0/1.1 encryption protocols are aging versions of the TLS standard. In an acknowledgment of the vulnerabilities affecting these versions, the IETF has announced their official deprecation in favor of TLS 1.2 or higher. It is possible for an attacker to launch a TLS 1.0 based attack from clients which support only 1.0, when the server supports the connection. TLS 1.0 has several flaws, for example, an attacker can cause connection failures and they can trigger the use of TLS 1.0 to exploit vulnerabilities like BEAST(Browser Exploit Against SSL/TLS) which is a client side attack that uses man-in-the-middle technique, or POODLE, also an MITM attack that would downgrade the connection to a protocol that was vulnerable to the attack. POODLE primarily targeted SSL 3.0, however, TLS 1.0 and TLS 1.1 were also vulnerable.
TLS 1.3 is another exciting protocol update that we can expect to benefit from for years to come. Not only will encrypted (HTTPS) connections become faster, but they will also be more secure. It has eliminated support for algorithms and ciphers that are both theoretically and practically vulnerable.
In accordance with InstaSafe's mission to keep customer networks safe online, support for Transport Layer Security (TLS) versions 1.0 and 1.1 was removed across the InstaSafe Secure Access (ISA) solution on Saturday, 10th July 2021 and
all connections to our services would require TLS 1.2+ compatible clients. The decision to deprecate support is aligned with industry recommendations and follows similar announcements made by all major web browsers.
Devices running Windows 8.1 and above, or Android 5.0 and above, or iOS 11 and above will NOT be impacted
If you are an Admin of the organization's ISA Account and need assistance, contact
InstaSafe Support.
Related Articles
ISA Windows Integrated MFA
This Article serves as a Whitepaper for the ISA Windows Integrated MFA feature Introduction A User in InstaSafe Secure Access (ISA) with Authentication Type set to ‘Certificate’ would not be prompted by the ISA App for credential verification and ...Windows ISA App Installation Error "Device OS does not match any of the configured devices"
This Article highlights the steps to be taken in case the ISA App on Windows fails to install and the error message is "Device OS does not match any of the configured devices". Issue The ISA App on Windows fails to install as expected and the error ...Uninstall the ISA App from Windows
This Article provides guidance on how to uninstall the ISA App from Windows Step 1: Exit the ISA App In case the ISA App is still running, 'Disconnect' and 'Exit' from the Notifications Area of the Taskbar. Step 2: Uninstall the ISA App Navigate to ...Install the ISA App on Microsoft Windows
This Article provides guidance on how to install the ISA App on Windows The ISA App is unique to every organization. The windows installer for an organization would only work for users provisioned in that specific ISA Account. Elevated Admin ...MacOS ISA App Connection Error "This computer is not approved for use with InstaSafe Secure Access"
This Article highlights the steps to be taken in case users are unable to connect the ISA App on macOS and the error message received is "This computer is not approved for use with InstaSafe Secure Access" Issue The ISA App on MacOS doesn't connect ...