search cancel

IT Analytics Not Supporting TLS 1.2


Article ID: 172566


Updated On:


IT Analytics


After updates from IT Analytics to support TLS 1.2, and  even though ITA is actually setting the protocol to be 1.2 when connecting back to the SQL server, the actual connection is managed by the .Net Framework settings and unfortunately those for pre-4.6 version always defaults to TLS 1.0.

A fatal error occurred while creating an SSL Client Credential.  The Internal Error State is 10013


IT Analytics for DLP 2.1.9


Registry Entry Configurations Missing as per Microsoft recommendations.


In order to make it work correctly, the following registry changes need to be applied:


  1. On the ITA server
  2. Open Administrative Tools
  3. Open Local Security Policy>Local Policies>Security Options
  4. Scroll down until you find “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing”  Make sure it is enabled.
  5. Open a command prompt and type “GPUPDATE /Force”

This should resolve the TLS issues in play.

Note: Also see TECH251773 for other settings that may need to be enable for .NET to default to TLS 1.2