Skip to main content

TLS Versions below version 1.2

Article # 3036205 - Page views: 128


DTCC has announced to discontinue support for TLS versions below TLS v1.2. What does it mean for Optitrade Confirm?


As one may be aware that DTCC Omgeo is upgrading their TLS version to 1.2. This would mean a few changes for Optitrade Confirm application.

For the upcoming TLS v1.2 upgrade, there is a new OmgeoDCIWeb_API.DLL v4.0.7 provided by Omgeo and an upgraded version of OmgeoWrap.DLL by Optitrade. We can supply both the DLLs to you. 

Steps to Upgrade

•    Ensure that .NET Framework 4.7.1 is installed on your server
•    Backup existing DLLs in <InstallationDrive>:\Optitrade Confirm\Flow\Prog folder
•    Replace the existing DLLs with the new ones and register the new DLLs


This Upgrade should first be conducted in the TEST / UAT Environment before promoting to PROD and ensure a successful connection to CTM is established using the new DLLs. 
According to Omgeo this change will go live in Q1 2020. Until then TLS 1.0 and TLS 1.1 will be supported. 


Please also find attached Omgeo's documentation for the upgrade details.  

Additionally, if you are seeing an API Code: 030 error in the TRACE logs, you might need to update the server's registry to enable the TLS v1.2. 

23/07/20 14:25:37.414   DCIWebSession.Login1  Caught Exception
Exception API Code: 030
The request was aborted: Could not create SSL/TLS secure channel.

As of 1st Oct 2022, DTCC discontinued support for any TLS/SSL versions lower than TLS 1.2.  As a result, please ensure below changes are done so CTM connection is successful on UAT, PROD and DR servers:

Below are the settings that should be present in registry. 

"SchUseStrongCrypto" = dword:00000001

"SchUseStrongCrypto" = dword:00000001

"SchUseStrongCrypto" = dword:00000001 

"SchUseStrongCrypto" = dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]

** If any other TLS (lower than 1.2) or SSL versions are configured in registry, disable them


After updating registry settings, reboot the server for the change to be reflected.  

Level of Complexity 



Applies to  

Product Version Build Environment Hardware
Kofax Optitrade Confirm 5.x      


  • Was this article helpful?