TLS 1.2. can be set in the eBiss Configurator or via the Registry:
In the eBiss Configurator, you can set the TLS protocol on the settings page under Miscellaneous
This setting was/is mandatory for Windows Server 2012R3, but not for Windows Server 2019. For Windows Server 2019 the following settings in the registry are sufficient. following settings in the registry.
You can check the settings with:
nmap --script ssl-enum-ciphers -p 9086 91.208.5.89
See https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-server.
Some servers only accept TLS1.2 encryption for security reasons. While most browsers already use this, the .net framework often needs to be reconfigured. This is done in the Registry, where the following values are entered:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001
Note: There is a corresponding Registry1) file available at:
..\eBiss\StandardTemplates\SystemTools\Tls1.2\TLS1.2 Registry.reg
This can be transferred to the registry with a right mouse click and the context menu command Merge. Then restart the eBiss service. Then https calls should work.