We have deployed mesh central server and apply certificate to support TLS1.0, TLS1.1 and TLS1.2. But for some securty reason we want to disable TLS1.0 from the mesh central server. But when we disable TLS1.0 at server, we are unable to connect our machine.
Can you please guide me, how can we enforce TLS1.2 at our mesh central server to avoid TLS1.0 cerificate.
Please let me know, if you need any more information.
Waiting for your response.
Hi. Sorry for the delay, I am been traveling. Disabling TLS 1.0 is completely understandable. A few questions on your setup:
- Are you using MeshCentral1 or MeshCentral2 as your server?
- When you say you can't connect to the computers, are you talking about the MeshAgent or AMT?
A note that I am currently working on MeshCentral2 (http://www.meshcommander.com/meshcentral2). I recently updated that version to support all the latest security (RSA3072, SHA386, TLS1.2).
Thank you Ylian for your response.
Here is my comment:
Are you using MeshCentral1 or MeshCentral2 as your server?
- We are currently using MeshCentral1 as our Mesh Central Server.
When you say you can't connect to the computers, are you talking about the MeshAgent or AMT?
- If we disable TLS1.0, We are unable to connect through MeshAgent. No device seen as "Power On" at the Mesh Server dashboard.
Note: We are planning to upgrade the our server with MeshCentral2 in first quarter of next year.
But presently we need to use the current server on TLS1.0 disabling mode. It is creating security vulnerability issue at our end.
I hope all the information provided to you.If you need any more information, please let me know.