Transport Layer Security (TLS) is an encryption protocol that ensures privacy and data integrity of information passed between two communicating applications. It’s the most widely deployed security protocol in use today and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification.
Nintex Live services uses TLS as a key component of its security and the current version supported is TLS 1.2. To ensure the industry security standards are met, the support of legacy TLS 1.0 and 1.1 will be removed as they no longer meet the security standards. From December 1st 2020, Nintex will update the Live Router to remove support for Legacy Transport Layer Security (TLS) 1.0, 1.1. If any Nintex Live services are in use, you will be required to update your SharePoint deployment to support TLS 1.2 to ensure that the following Live services run properly:
- Live connectors
- Live Forms
This is applicable to Nintex for SharePoint 2010 and Nintex for SharePoint 2013.
This article includes the steps to take to ensure that TLS 1.2 is supported in your SharePoint environment.
Follow the steps below in your SharePoint environment to support TLS 1.2
Nintex for SharePoint 2013
- Create a text file with the following contents:
Windows Registry Editor Version 5.00 wHKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv4.0.30319] "SchUseStrongCrypto"=dword:00000001 cHKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv4.0.30319] "SchUseStrongCrypto"=dword:00000001
- Save this file with the '.reg' extension. For example: 'TLS.reg'.
- Execute this .reg file on every server within the farm that is executing workflows.
Note: This needs to be done on all servers in the farm. - Restart the servers in the farms that the registry update was done for the change to be applied.
Nintex for SharePoint 2010
- Install hotfix for .NET to enable TLS 1.2 for .NET. Refer this Microsoft article to ensure that your SharePoint environment has the required .NET framework to use TLS 1.2.
- Open command prompt as administrator and run the following commands:
Note: This needs to be done on all servers in the farm.%windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv2.0.50727" /f /v DefaultSecureProtocols /t REG_DWORD /d 1 %windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv2.0.50727" /f /v SystemDefaultTlsVersions /t REG_DWORD /d 1 %windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv2.0.50727" /f /v SchUseStrongCrypto /t REG_DWORD /d 1 %windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv2.0.50727" /f /v DefaultSecureProtocols /t REG_DWORD /d 1 %windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv2.0.50727" /f /v SystemDefaultTlsVersions /t REG_DWORD /d 1 %windir%system32eg.exe add "HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv2.0.50727" /f /v SchUseStrongCrypto /t REG_DWORD /d 1
-
Restart the servers in the farms that the registry update was done for the change to be applied.
For more information, see the following Microsoft article:
Transport Layer Security (TLS) best practices with the .NET Framework