Updox Central Server 2008, 2012, and Windows 7 How to enable TLS

⚠️ Central is no longer supported on Windows Server 2008, 2012, or 2012R2, nor on Windows 7.

The below article is no longer applicable. Instead, please upgrade to a newer version of Windows that is supported by Microsoft and includes the latest security patches.

Customers using Updox Central on a server with Microsoft Windows 7 or Server 2008 R2 (Also applies to Small business server 2011) and some Server 2012 installations. are required to add a patch that Microsoft released. To verify connectivity:

1 Step 1. Install the KB3140245 Security Patch
2 Step 2. Updating your Windows Registry File
- 2.1 Microsoft Patch File
3 Step 3. Enable TLS 1.1 and 1.2 at the SChannel component level

Open Updox Central and click on the verify button under the Integration Key. If you get the error “oops your integration key is incorrect”, first verify the key. If not, then follow the steps below to enable TLS 1.1 and 1.2

If using a recent version of Windows – such as Windows 10 – you won’t be affected by this issue, provided you always install the OS updates through the official channels. Conversely, if you’re still using Windows 7 or Server 2008 you might have to perform some manual tasks in order to get rid of that outdated TLS version: on these systems.

Luckily enough, this can be fixed by setting your OS to never use TLS 1.0 anymore, and use TLS 1.1 and 1.2 by default. Here’s a small guide explaining how you can do that.

Step 1. Install the KB3140245 Security Patch

The first thing to do is to download and install the Windows KB3140245: you can do that using Windows Update, since it’s available as an optional update, or manually download it from the following official website:

http://www.catalog.update.microsoft.com/search.aspx?q=kb3140245

This will equip your OS with TLS versions 1.1 and 1.2.

Step 2. Updating your Windows Registry File

The next step you need to do is to patch your Windows Registry file, so that your OS will actually use the new TLS protocol versions (1.2, and 1.1 as a fallback) instead of outdated and vulnerable 1.0. This can be done either automatically (with an official Microsoft-released patch file) or by manually editing the registry file using regedit.

Microsoft Patch File

The Microsoft patch file is called MicrosoftEasyFix51044.msi and can be downloaded from this url:

https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi#easy

Step 3. Enable TLS 1.1 and 1.2 at the SChannel component level

The second thing to do, as explained in this TechNet article, is to create another DWORD key called DisabledByDefault in the following sections of your registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client

If you wish to make a .reg file and patch this way you can check the link

https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-server-tls-guidance-part-2-enabling-tls-1-2-and/ba-p/607761# and look at the section Enable TLS 1.2 for Schannel.

Once this is done Close out central and reopen it and hit verify again

You should get a success message

If not, please reboot system.

If you follow these steps and still have the same issue we recommend updating to a Supported Operating system as Windows 7 and Server 2008 are no longer supported by Microsoft and Updox.