search cancel

TLS 1.2 support for Symantec VIP ADFS Plug-in

book

Article ID: 174339

calendar_today

Updated On:

Products

VIP Integrations

Issue/Introduction

Recent Microsoft security patches may disable the TLS 1.0/1.1 protocol on Windows Servers. If this happens on an ADFS server, the Symantec ADFS plug-in is unable to make a call to the VIP service.

 

Resolution

Apply the attached patch to any Windows ADFS server with the VIP plugin installed to enable VIP to use the TLS1.2 protocol. 

 Applying this patch will reboot the ADFS server automatically. Plan this activity accordingly.

Instructions: 

  1. Download the attached ADFS_TLS1.2_support.zip from this KB
  2. Extract the zip file.
  3. Log onto the Windows ADFS server machine where the Symantec plug-in is installed.
  4. Open Windows PowerShell. Navigate to the extracted folder and type useStrongCrypto.ps1
  5. The ADFS server will be restarted automatically by the script. 

Attachments

ADFS_TLS1.2_support.zip get_app