Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Deepak_S_
Beginner
95 Views

How to enforce Mesh Central for TLS1.2 Certificate

Hi Team,

We have deployed mesh central server and apply certificate to support TLS1.0, TLS1.1 and TLS1.2. But for some securty reason we want to disable TLS1.0 from the mesh central server. But when we disable TLS1.0 at server, we are unable to connect our machine.

Can you please guide me, how can we enforce TLS1.2 at our mesh central server to avoid TLS1.0 cerificate.

Please let me know, if you need any more information.

Waiting for your response.

Regards

Deepak

 

 

0 Kudos
3 Replies
Deepak_S_
Beginner
95 Views

Guys,

Any update on this. Please let me know if you need any more information.

 

Thanks

Deepak

Ylian_S_Intel
Employee
95 Views

Hi. Sorry for the delay, I am been traveling. Disabling TLS 1.0 is completely understandable. A few questions on your setup:

 - Are you using MeshCentral1 or MeshCentral2 as your server?
 - When you say you can't connect to the computers, are you talking about the MeshAgent or AMT?

A note that I am currently working on MeshCentral2 (http://www.meshcommander.com/meshcentral2). I recently updated that version to support all the latest security (RSA3072, SHA386, TLS1.2).

Thanks,
Ylian

Deepak_S_
Beginner
95 Views

Thank you Ylian for your response.

Here is my comment:

 Are you using MeshCentral1 or MeshCentral2 as your server?

- We are currently using MeshCentral1 as our Mesh Central Server.

 When you say you can't connect to the computers, are you talking about the MeshAgent or AMT?

- If we disable TLS1.0, We are unable to connect through MeshAgent. No device seen as "Power On" at the Mesh Server dashboard.

Note: We are planning to upgrade the our server with MeshCentral2 in first quarter of next year. 

But presently we need to use the current server on TLS1.0 disabling mode. It is creating security vulnerability issue at our end.

I hope all the information provided to you.If you need any more information, please let me know.

Thanks

Deepak