FAQs on upgrading to TLS version 1.2
What is TLS?
TLS is a secure way of client-server data communication. The TLS protocol protects the confidentiality and integrity of the information passed between two systems.
Why migrate to TLS version 1.2?
As Site24x7 is a SaaS-based product, it is compulsory to upgrade to TLS version 1.2
for higher cipher suite and a more secure communication. Since the earlier versions of TLS (TLS 1.0 and 1.1) pose security issues, we are completely migrating to TLS version 1.2
What will happen if I don't upgrade to the latest version of TLS?
There will be no data collection and all the monitors will be turned to DOWN status.
How do I know which server monitors use the old version and need an upgrade?
Log in to Site24x7 and go to Server > Server Monitor > Servers.
In the Monitor Status
page, click on the filter icon to view servers using TLS versions 1.0 and 1.1
- Is there a work-around for the Windows server monitoring agent, to enable client-server data communication if TLS 1.2 version is not available?
Yes, in case you have older versions of TLS installed, please follow the steps mentioned in this article to ensure uninterrupted data collection. This is applicable only for Windows server 2003 and 2008.
- How do I update for a Linux server monitoring agent?
Ensure your Linux agents (both 64-bit and 32-bit) are upgraded to version 17.3.3 or above.
- What is the update process for FreeBSD, Mac (OS X), and ARM Processor?
Make sure you upgrade your OpenSSL library that supports TLS version 1.2.
- Do I need to update my server monitors?
No, the server monitors need not be updated. Depending on your OS platform,
- Perform an agent upgrade for Windows and Linux,
- Upgrade your OpenSSL version for FreeBSD, Mac and ARM Processor
Upgrading On-Premise Poller to the latest version
Go to Admin > On-Premise Poller in the Site24x7 web client Click on the name of the On-Premise Poller In the dashboard that opens up, click upgrade to the latest version Confirm it in the pop-up The latest version of the On-Premise Poller will be ...
What TLS versions are supported by the Windows agent?
We have terminated the support for earlier TLS versions (TLS 1.0 and TLS 1.1) and have completely migrated to TLS version 1.2. For the Windows Server Monitoring agent, TLS 1.2 is disabled by default for Windows 2008. To enable it, please try this ...
How to check if TLS 1.2 is enabled?
If the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client\DisabledByDefault is present, the value should be 0. If the registry key ...
TLS version 1.2 update in Windows Server 2008 R2, 2012, and Windows 7
Please follow the steps below: Ensure Service Pack 1 is installed in your Windows 7 and 2008 R2 servers. Make sure the Microsoft update catalog kb3140245 is installed. Follow the steps as given in this article Restart the server For the TLSv1.2 to ...
Why is my Windows server monitor in DOWN status, even after enabling TLS version 1.2
If the OS version is Windows 2008 R2 & above, check if: https://fancyssl.hboeck.de/ is accessible in IE from that server. The machine is rebooted after applying the TLS 1.2 Microsoft update. All the steps (particularly steps 5 & 6) mentioned in this ...