TLS 1.0 and 1.1 were introduced as security protocols to provide authentication, privacy, and data integrity between two communicating computer applications. As with all protocols, newer versions of TLS have been developed to improve security and performance. Although Egnyte servers have been configured to support more modern versions of TLS protocols, such as TLS 1.2, we have continued supporting TLS 1.0 and 1.1 for a small percentage of customers.
To ensure we are using the highest security standards and safeguarding, we are retiring TLS 1.0 and 1.1 on February 28th, 2020. This means Egnyte servers and services will reject all incoming communications using these older versions of TLS. If you are still using TLS 1.0 or 1.1, you'll need to take action soon and upgrade to TLS 1.2. To ensure a smooth transition, please follow the steps below:
Egnyte has ended support for Windows 7, 8, and 8.1 as of January 14th, 2020.
Enable TLS 1.2
Please click the link below to download the registry script and double click the .REG file to enable TLS 1.2.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client] "DisabledByDefault"=dword:00000000
To do perform this manually, follow the steps below:
Enable version 1.2 of TLS from the registry using the registry editor.
- Go to this registry location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ - To enable 1.2, you'll need to create new keys called TLS 1.2 underneath the 'Protocols' key.
- Once the key structure is created, you can proceed to create the following entry under TLS 1.2/Client:
Entry type: DWORD (32 bit)
Name: DisabledByDefault
Value: 0
Disable TLS 1.0 and 1.1 (Optional)
Please click the link below to download the registry script and double click the .REG file to disable TLS 1.0 and 1.1.
.REG to disable TLS 1.0 and 1.1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000000
To do perform this manually, follow the steps below:
Disable TLS 1.0 and 1.1 from the registry using the registry editor.
- Go to this registry location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\ - If a TLS 1.0 key is present, go inside the folder (see next step). If not, you will have to create a new Key and name it 'TLS 1.0'
- If the TLS 1.0 key exists, you should also have a key called 'Client' underneath. If not, you will have to create it as you did in the previous step.
- Go into the 'Client' key and create the following entry:
Entry type: DWORD (32 bit)
Name: Enabled
Value: 0 - Repeat the above steps for disabling TLS 1.1
Note on Windows Server
The Desktop App is not officially supported on Windows Server, so the instructions above are for the normal version of Windows. Depending on the configuration, Windows Server users may need to create extra keys called 'Server' under Protocol/TLS 1.0, Protocol/TLS 1.1, Protocol/TLS 1.2 with the same Enabled and DisabledByDefault entries under each 'Client.' For more information, please check out this blog post from Microsoft.