Skip to main content
Kofax

How to enable the Transport Layer Security (TLS) protocol versions 1.1 and 1.2 for use with Kofax TotalAgility 7.x

Question / Problem: 

How to enable the Transport Layer Security (TLS) protocol versions 1.1 and 1.2 for use with Kofax TotalAgility 7.x.

Answer / Solution: 

Due to known security vulnerabilities in older versions of the Secure Sockets Layer (SSL) and TLS protocols, the newer TLS protocol versions 1.1 and/or 1.2 should be used to secure KTA 7.x HTTPS communications.

 

To enable TLS 1.1 and 1.2 on each KFS server:

  1. Execute regedit.exe
  2. Navigate to HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
  3. Create a new Key named TLS 1.2 if one does not already exist.
  4. In the TLS 1.2 Key, create a subkey named Server.
  5. In the Server Key, create a DWORD (32-bit) Value named DisabledByDefault.
  6. Set the DisabledByDefault value to 0.
  7. In the Server Key, create a DWORD (32-bit) Value named Enabled
  8. Set the Enabled value to 1.
  9. In the TLS 1.2 Key, create a subkey named Client.
  10. In the Client Key, create a DWORD (32-bit) Value named DisabledByDefault.
  11. Set the DisabledByDefault value to 0.
  12. In the Client Key, create a DWORD (32-bit) Value named Enabled.
  13. Set the Enabled value to 1.
  14. Navigate back to the Protocols Key.
  15. Create a new Key named TLS 1.1 if one does not already exist.
  16. In the TLS 1.1 Key, create a subkey named Server.
  17. In the Server Key, create a DWORD (32-bit) Value named DisabledByDefault.
  18. Set the DisabledByDefault value to 0.
  19. In the Server Key, create a DWORD (32-bit) Value named Enabled
  20. Set the Enabled value to 1.
  21. In the TLS 1.1 Key, create a subkey named Client.
  22. In the Client Key, create a DWORD (32-bit) Value named DisabledByDefault.
  23. Set the DisabledByDefault value to 0.
  24. In the Client Key, create a DWORD (32-bit) Value named Enabled.
  25. Set the Enabled value to 1.
  26. Reboot the server.

 

Applies to:  

Product Version Category
KTA 7.5 Server Configuration
KTA 7.4 Server Configuration
KTA 7.3 Server Configuration
KTA 7.2 Server Configuration
KTA 7.1 Server Configuration