Create a New XCOM for Windows TLS v1.2 Connection
search cancel

Create a New XCOM for Windows TLS v1.2 Connection

book

Article ID: 118839

calendar_today

Updated On:

Products

XCOM Data Transport XCOM Data Transport - Windows

Issue/Introduction

How to create a new profile connection TLS v2 with XCOM™ Data Transport® for Windows to share files with a partner running TLS V1.2.

Environment

XCOM™ Data Transport® for Windows

Resolution

  1. XCOM for Windows 11.6 SP03 or 12.0 is required.
  2. Make sure you are using TLSV1.2 by specifying in the configssl.cnf file:
    [SSL_METHOD]
    INITIATE_SIDE = TLSV1.2
    RECEIVE_SIDE = TLSV1.2
  3. Upgrade your ciphers in the configssl.cnf file. In the XCOM configssl.cnf file there are the following statements:
    [CIPHER]
    INITIATE_SIDE = ALL:!ADH:!LOW:!EXP:MD5:@STRENGTH
    RECEIVE_SIDE = ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Meaning of values:

ALL = use all ciphers provided

!ADH: !LOW:!EXP = do not use these ciphers.

(The '!' is equivalent to a NOT)

 Please see Supported Cipher Suites for TLS v1.1 and TLS v1.2 in our online manual. Scroll down to see the Cipher Suite Table for TLS v1.1 and TLS v1.2.

So, in summary

  1. This box should be at XCOM 11.6 SP03 or 12.0
  2. All other XCOM partners must be running TLS 1.2
  3. Update configssl.cnf as above with TLS v1.2
  4. Specify ciphers for TLS v1.2 - there is a chart in the manual. Consult your security admin for the ciphers you should use. They may already have requirements.
Powered by Wolken Software