Octopus is set for old ssl protocols / not TLS -- believe historically set but cannot find how to switch-off

Hi, hope someone can help…
Using Octopus for sometime; on 3.3.11 currently.
My belief is that sometime in the distant past it was configured for SSLv2/v3 only support, presumably to support some 3rd party old connection. (Found that server had also only been set to only SSL and changed this, but Octopus is still only working on SSL, not TLS)

Windows 2008R2/.Net4.5; only if SSL enabled on the system & SSL enabled in a browser can we get a secure connection to the server, but affecting our external build package process as this must use https.
(Using IIS with same cert on same server - all is fine, with TLS.)

We have been unable to find a config anywhere to control this but hoping that we have just missed it somewhere…
Really Appreciate,

Hi Lee,

Thanks for getting in touch!

Octopus supports TLS 1.2 throughout - there is no special configuration required to enable this. I believe the last known TLS related 1.2 issue was fixed in 3.3.11 (which you are already running).

I fought with an installation around this particular issue. Have you locked down the available SSL protocols on the server? (see https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx). I know that we had successful connections across the board with the non allowed protocols (in this case, SSL 2.0/SSL 3.0/TLS 1.0/TLS 1.1) disabled. There may be some negotiation where it is choosing the wrong protocol (though I would have assumed it would choose the highest?).

Hope that helps!



This issue has been closed due to inactivity. If you encounter the same or a similar issue and require help, please open a new discussion (if we asked for logs or extra details in this thread, consider including them in the new thread). If you are the creator of this thread and believe it should not be closed let us know via our support email.