Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Network Performance Monitor (NPM) > Enable TLS in Orion Platform products

Enable TLS in Orion Platform products

Table of contents

Updated April 3, 2017

Overview

Products running on Orion Platform must enable TLS.

On Windows Vista and Windows Server 2008 or later, TLS 1.0 is enabled by default.
On Windows 8 and Windows Server 2012 or later, TLS 1.1 is enabled by default.

Refer this Microsoft article for detailed information on which TLS protocol versions are supported and enabled by default on supported Microsoft Windows version.

 

When TLS is disabled, some of the following errors may occur:

  • Log & Event Manager can fail to start
  • Kiwi CatTools fails to send emails
  • HTTPS monitoring can stop
  • Storage Manager can be unable to collect data from IBM SVC
  • NCM does not work as expected
  • IP Monitor Service can fail to start
  • Server & Application Monitor may have errors

 

The TLS versions that your operating system support are enabled or disabled in the registry, and can be enabled or disabled for server and/or client communication.

For example:

  1. TLS 1.0 is disabled for client communication if the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client exists and if one of the following is true:
    • The entry Enabled exists with a value 0
    • The entry DisabledByDefault exists with a non-zero value and the entry Enabled does not exist or exists and has the value of 0.
  2. TLS 1.0 is disabled for server communication if the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server exists and if one of the following is true:
    • The entry Enabled exists with value 0
    • The entry DisabledByDefault exists with non-zero value and the entry Enabled does not exist or exists and has the value of 0.

SolarWinds requires that at least one of TLS 1.0 or TLS 1.1 is enabled for both client and server communication.

View TLS compatibility with Orion Core Products to verify if your SolarWinds Orion products work with TLS 1.0 disabled.

Environment

All Orion products running on Orion Platform 2017.1 and earlier, such as:

  • NPM 12.1 and earlier
  • SAM 6.4 and earlier

Steps

SolarWinds strongly recommends that you back up your registry before editing it and only make registry changes according to our instructions. Failure to follow these instructions can introduce errors into the application or, in some situations, cause operating system issues.

  1. Log in to the SolarWinds Orion server as an administrator.
  2. Back up your registry.
  3. Open the registry editor.
  4. To enabled TLS 1.0 find or create the following keys:

    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
  5. In each key find or create the following REG_DWORD values:
    • DisabledByDefault with the value set to 0 decimal
    • Enabled with the value set to 1 decimal
  6. To enabled TLS 1.1 find or create the following keys
    •  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server
  7. Within each key find or create the following REG_DWORD values:
    • DisabledByDefault with the value set to 0 decimal
    • Enabled with the value set to 1 decimal
  8. Reboot the computer.

TLS 1.0 and TLS 1.1 is now enabled.

 

Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

 

Last modified

Tags

Classifications

Public