locked
Turn off TLSv1.0 RRS feed

  • Question

  • We have Windows Server 2012 Essentials running happily and we use the Access Anywhere Remote Desktop facility with a certificate produced with the Microsoft remotewebaccess  service.

    Recently we have failed a Trustwave credit card PCI scan, and to pass this we need to turn off TLSv1.0, I think I can see how to do this by editing the registry (I successfully turned SSL 3 off), but from what I have read this could also cause the Remote Desktop to fail, and I right or can I turn it off? If there is a problem is there a work around?

    Any help will be much appricated.

    Regards,

    Paul

    Thursday, July 30, 2015 10:08 AM

Answers

  • You are correct if you disable tls v.1 RWW breaks.  There is no workaround.  Well I suppose if you count LogmeIn as a workaround.....

    Grey

    Friday, July 31, 2015 12:35 AM
  • To work around it you have to also edit the RDP gateway connectivity settings.  We're asking the product team to provide guidance.

    It is my opinionated opinion that an Essentials server cannot be PCI compliant and run credit cards through it - you are saving files on a domain controller.  Is there any means for you to move the credit card processing to a separate LAN/connection/something where the Essentials box cannot be scanned?

    Friday, July 31, 2015 12:46 AM

All replies

  • You are correct if you disable tls v.1 RWW breaks.  There is no workaround.  Well I suppose if you count LogmeIn as a workaround.....

    Grey

    Friday, July 31, 2015 12:35 AM
  • To work around it you have to also edit the RDP gateway connectivity settings.  We're asking the product team to provide guidance.

    It is my opinionated opinion that an Essentials server cannot be PCI compliant and run credit cards through it - you are saving files on a domain controller.  Is there any means for you to move the credit card processing to a separate LAN/connection/something where the Essentials box cannot be scanned?

    Friday, July 31, 2015 12:46 AM