Is TLS 1.2 supported for Essentials 4.7 and HTML5 v2.8 Viewer?

Permanently deleted user

November 30, 2017 01:42

Our I.T. Department would like to disable SSL 3.0 TLS 1.0 and 1.1, and use TLS 1.2. What impact will this have (if any) on Essential 4.7 and HMTL5 v2.8 applications?

0

• 

  Tom Neer

  November 30, 2017 17:35

  We generally recommend using the "Best Practices" setting on IIS Crypto 2.0 (https://www.nartac.com/Products/IISCrypto) by Nartac Software. This does leave TLS 1.0 and 1.1 enabled but disables SSL 3.0. It also disables a variety of other cipher suites that should not be used. I would also run your server through https://www.ssllabs.com/ssltest/ to confirm that everything is set reasonably.

   

  If you disable TLS 1.0, just be aware that this may affect some end users on older operating systems and browsers (e.g. IE 10 and earlier, Safari 6 and older, Android 4.3 and older). If these are internal sites, where IT has updated everyone to newer browsers you are safe, but if they are public sites, you may want to weigh your options.

   

  If you disable SSL 3.0 on your ArcGIS REST endpoint, you may have issues with ArcGIS Server connections failing in the Geocortex Manager. We don't have that issue but there is a technical article (https://support.geocortex.com/essentialsGSCkba?sub-nav=kba&main-nav=essentials&#!/feedtype=SINGLE_ARTICLE_DETAIL&criteria=BESTANSWERS&id=kA360000000L14bCAC) that covers the fix.

   

   

  0
• 

  Dan Giersz

  November 30, 2017 18:21

  We just had to deal with this.  The network engineers implemented a new firewall that blocks TLS 1.0 by default.  This prevented one of our Geocortex servers from accessing the ArcGIS REST endpoints.

   

  The above mentioned technical article helped fix the issue.

  0

Please sign in to leave a comment.