A TLS security update is coming - upgrade your ShareFile tools

  • 1
  • Question
  • Updated 2 months ago
Hello

We received the below email

To help our customers meet compliance requirements, we are upgrading the ShareFile TLS implementation.

After October 31, 2019, TLS versions 1.0 and 1.1 will be disabled, and older ShareFile components will no longer function. Before this date, please plan to upgrade your ShareFile tools to the most recent versions.


We currently have a bunch of powershell scripts that auto syncs files from a central location to sharefile. This is schedule to run every night.

Will the above upgrade effect this at all? I dont see anything within our script that specifically defines what version of TLS it uses.

thanks

Alex

Photo of Alex

Alex

  • 2 Posts
  • 0 Reply Likes

Posted 1 year ago

  • 1
Photo of Nick Nicholls

Nick Nicholls, Software Engineer

  • 23 Posts
  • 2 Reply Likes
Powershell gets the TLS version based on whatever .net framework is being used, and you should be able to override it with a few registry changes if you have to. I don't think it will be a problem for you.
Photo of Ken

Ken

  • 3 Posts
  • 0 Reply Likes
Hi Nick,

What registry changes need to be done to enable TLS 1.2?  How can I test this before TLS 1.1 is depreciated?  I have quite a bit of business functionality in powershell.  I don't want to take any chances.

Thanks,

Ken
Photo of Nick Nicholls

Nick Nicholls, Software Engineer

  • 23 Posts
  • 2 Reply Likes
I don't remember the registry changes, you may need to look that up.

If you know a site that only allows TLS1.2, then you can try something like:
Invoke-WebRequest -Uri https://apod.nasa.gov/apod/
If the site only allows 1.2, and you don't have 1.2 enabled, then the command should fail.


If you want to change the TLS version within powershell, you can run this command at the beginning:
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls11 -bor [System.Net.SecurityProtocolType]::Tls12;
Photo of Ken

Ken

  • 3 Posts
  • 0 Reply Likes
So the ShareFile powershell sdk uses Invoke-WebRequest for connections?  I have tested it with various sites and it seems to work.  I just want to confirm that when connecting to sharefile it will work.  Is there any sharefile URL setup to test TLS 1.2 compliance?
Photo of Nick Nicholls

Nick Nicholls, Software Engineer

  • 23 Posts
  • 2 Reply Likes
I don't know of a current sharefile link that only supports 1.2.

https://apod.nasa.gov/apod/ is 1.2 only, so if that works, you should be ok.
Photo of Ken

Ken

  • 3 Posts
  • 0 Reply Likes
Ok, thank you for your help!