Compatibility Issues With Disabling TLS 1.0

  • Updated

When disabling TLS 1.0 some functionality does not work, including esync.

Update: 8/26/2020

A TLS issue was found in 9.1SP3 and 9.2SP2 which prevented rendering of XSLTs when TLS 1.0 was disabled. 

9.1 SP3 Fix - Apply CU 53 or higher to 9.1 SP3. 

9.2 SP2 Fix - Apply CU 35 or higher to 9.2 SP2. 

Update: 5/17/2017

Version 9.2 also has this fix so you can go directly to that version instead of 9.1SP3. For XSLT use 9.2 may be required if https is used. 

Update: 4/22/2016

Engineering has added this fix in 9.1 SP3 with the latest cumulative site update. Please upgrade to this version to benefit from this change.

 Episerver is aware of potential compatibility issues with the Ektron platform supporting configurations without TLS 1.0 enabled on the web server. The issues appear to be with the Ektron Windows Service and more specifically; the eSync certificate read operations. At this time, the Ektron platform requires that TLS 1.0 remains enabled on all systems running an Ektron site. As we understand that this is an important configuration to support for our clients we are treating this with high-priority and will notify all clients via updates to this article on the customer portal of any solutions or progress towards the same. We additionally urge all customers seeking this configuration to prepare with all of the needed Microsoft updates including service packs and possible hotfixes to address any existing potential issues with Microsoft .NET, Microsoft SQL Server, and Microsoft IIS.