Unable to disable TLS 1.0 for Passwordstate 8.4

[Guest Passwordstate_user]

Hello All,

We have a Passwordstate 8.4 installed that is connecting to the SQL DB. When we are disabling the TLS 1.0 on the Passwordstate and on the SQL server (Windows 2012 R2,SQL 2016) following error is logged on the SQL DB side:

Error Code = A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

 

Below are the registry keys that are used to disable the TLS 1.0 :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server\Enabled REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server\DisabledByDefault REG_DWORD 1

 

Is there a way to verify why the application is trying to use the TLS 1.0 and reconfigure this to use only TLS 1.2?

[support]

Hello,

Passwordstate should work fine with TLS 1.0 and 1.1 disabled – we’ve tested this ourselves, and other customers have disabled these protocols as well. Could you please try the following, on both your Web and Database Servers:
 

1.    Using the following IIS Crypto Tool, click on the ‘Best Practices’ button, then close the application - https://www.nartac.com/Products/IISCrypto/
2.    Follow the instructions again for changing the registry keys, as IIS Crypto may have updated them. You can refer to this document for that https://support.microsoft.com/en-au/help/3135244/tls-1-2-support-for-microsoft-sql-server, in the section ‘Frequently Asked Questions’
3.    Now reboot both servers

Hopefully this should resolve it for you.

 

Regards
Click Studios