|
|
|
|
Enable TLS 1.2
Oracle recommends that you configure the following security settings on the Central Coding application server:
- Enable TLS 1.2 and higher.
- Disable SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1.
If TLS 1.2 is enabled on the InForm Adapter computer or on the address translator (in a load-balanced configuration, for example), you must enable TLS 1.2 on the Central Coding application server:
- In HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols, create the following keys and subkeys:
Registry settings required for enabling TLS 1.2
Key
Subkey
Entries
SSL 2.0
Client
- DisabledByDefault=1
- Enabled=0
Server
- DisabledByDefault=1
- Enabled=0
SSL 3.0
Client
- DisabledByDefault=1
- Enabled=0
Server
- DisabledByDefault=1
- Enabled=0
TLS 1.0
Client
- DisabledByDefault=1
- Enabled=0
Server
- DisabledByDefault=1
- Enabled=0
TLS 1.1
Client
- DisabledByDefault=1
- Enabled=0
Server
- DisabledByDefault=1
- Enabled=0
TLS 1.2
Client
- DisabledByDefault=0
- Enabled=1
Server
- DisabledByDefault=0
- Enabled=1
- In HKLM\SOFTWARE\Microsoft\.NetFramework\v4.0.30319, create a key called SchUseStrongCrypto with the DWORD value=1.
