My organization is doing a poor job at managing TLS. Some systems are using legacy protocols and no one is taking responsibility for the mess. I am trying to build a matrix that outlines all the different areas of responsibilities to ensure modern TLS (1.2+) protocols are used across all systems.
Does anyone know of a matrix or RACI chart that exists already for something like this? Is it as simple as:
- Make sure TLS 1.2 is available on the host system and configured as the OS system default
- Make sure secure cipher suites are available and configured in a secure order preference
- Make sure each system has trusted certificates deployed to the host
- Make sure application code is written to use OS system default wherever possible, and only hardcoding 1.2 or 1.3 when the default OS version could not be used
- Continue to renew certificates before they expire
- Update default TLS version as new protocols become available
updated my windows 10 workstation to 1709 recently. I get this in mRenoteNG all the time now.
WarningMsg 50331715 Your computer can't connect to the remote computer because a security package error occurred in the transport layer. Retry the connection or contact your network administrator for assistance.
I have several different servers, all with Gateways defined and working up until now, and none of them work. If I put the exact same settings into RDC manually, they work fine. I cleared the credential cache in RDC as well, no change.
What am I missing here?
