TLS connection settings
TLS and SSL are cryptographic protocols that secure communication over a network by using security certificates to encrypt a connection between computers.
Operation model for the TLS settings
The default security protocol for AutoStore is TLS 1.2.
To overwrite the default protocol, do the following:
| Security protocol | Settings |
|---|---|
| OS system default protocol |
Create a new SystemDefaultTlsVersions DWORD with value ’1’ at HKLM\Software\(Wow6432Node)\Microsoft\.NETFramework\v4.0.30319. |
| A specific TLS protocol |
Create a string called TLS in the registry at HKLM\SYSTEM\CurrentControlSet\Services\autostore\Parameters\. It can be used with the desired TLS protocol setting values, for example Tls11, Tls12 or Tls13. You can combine them separated by comma, for example Tls12,Tls13. The value is case sensitive. |
-
These settings does not affect the AutoCapture and QuickCapture Pro connections between the client and the server.
-
The TLS registry settings affect only the .NET based components and the following capture devices:
-
HP MFP Digital Sender
-
Konica Minolta iOption
-
Kyocera MFP (HyPAS)
-
Xerox EIP Connect
See the component help for additional information.
-
-
HP OXPd, Kyocera, and Konica Minolta Combined Client does not support TLS 1.3.
-
Before the web application and TLS registry key take effect, the communication might use a less secure TLS version, depending on the device type. If you experience such a behavior, you can enforce the security by setting the S-Channel settings in the registry. The following registry entry handles Microsoft Windows controlled SSL/TLS protocols:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\ProtocolsS-Channel settings affect the following components:
-
DataFilter
-
Directory Services
-
Send to Database
-
Send to HTTP
-
Unified Client
-
WebCapture
-
Workflow Tracker
-