3CX Client Update Fails to negotiate SSL/TLS

Discussion in 'Windows' started by Thomas Miller, Apr 6, 2018.

Thread Status:
Not open for further replies.
  1. Thomas Miller

    Joined:
    Apr 6, 2018
    Messages:
    2
    Likes Received:
    0
    Hello All -

    I switched my users from Fonality to 3CX a couple of days ago. During testing, our PCI scan showed TLS 1.0 was enabled on the management interface. As this is now a failing condition, I disabled TLS 1.0 and 1.1 in the nginx.conf file and restarted nginx. Everything worked so I thought all was well. However, after bring users onboard, it now seems that without TLS 1.0 enabled, the Windows client cannot update. If I re-enable TLS 1.0, it works. Is there a fix for this that would allow me to disable the weak ciphers and still have the clients update?
     
  2. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    4,891
    Likes Received:
    321
  3. Thomas Miller

    Joined:
    Apr 6, 2018
    Messages:
    2
    Likes Received:
    0
    Thank you. I noticed a similar answer in another thread and was able to fix the issue by re-enabling TLS 1.0 and 1.1, allowing the update, then disabling. From the thread I saw, this will be the last time we will have to do this.
     
  4. LeonidasG

    LeonidasG Support Team
    Staff Member 3CX Support

    Joined:
    Nov 19, 2008
    Messages:
    1,422
    Likes Received:
    83
    Exactly.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.