NetTalk Central

Author Topic: NT and TLS 1.2  (Read 3664 times)

Alberto

  • Hero Member
  • *****
  • Posts: 1873
    • MSN Messenger - alberto-michelis@hotmail.com
    • View Profile
    • ARMi software solutions
    • Email
NT and TLS 1.2
« on: June 26, 2020, 06:56:03 AM »
Hi, in Argentina, our goverment are leaving tls 1.1 in its webservices and going to 1.2
Does Nt support this?
Thanks
-----------
Regards
Alberto

DonRidley

  • Don Ridley
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 729
  • donaldridley2011@gmail.com
    • View Profile
    • Email
Re: NT and TLS 1.2
« Reply #1 on: June 26, 2020, 08:32:50 AM »
NT 11 supports up to 1.3.

You can set the .SSLMethod property in the ThisWebServer.Open method in the WebServer procedure.
Possible values are;

NET:SSLMethodTLS         ! Default, TLS 1.0 or higher
NET:SSLMethodTLS_PCI     ! TLS 1.1 or higher ; from NT 11.26 means TLS 1.2 or higher.
NET:SSLMethodTLSv1       ! TLS 1.0 only
NET:SSLMethodTLSv1_1     ! TLS 1.1 only 
NET:SSLMethodTLSv1_2     ! TLS 1.2 only
NET:SSLMethodTLSv1_3     ! TLS 1.3 only
NET:SSLMethodTLS_MIN1_1  ! TLS 1.1 or higher
NET:SSLMethodTLS_MIN1_2  ! TLS 1.2 or higher
NET:SSLMethodTLS_MIN1_3  ! TLS 1.3 or higher
NET:SSLMethodMaxOnly     ! highest level of TLS only (currently TLS 1.3)
"Eliminate the impossible, whatever remains, however unlikely, must be the truth."

NetTalk 12.55
Clarion 11

Alberto

  • Hero Member
  • *****
  • Posts: 1873
    • MSN Messenger - alberto-michelis@hotmail.com
    • View Profile
    • ARMi software solutions
    • Email
Re: NT and TLS 1.2
« Reply #2 on: June 26, 2020, 09:44:55 AM »
Thanks Don!!!
-----------
Regards
Alberto

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: NT and TLS 1.2
« Reply #3 on: June 29, 2020, 08:38:01 PM »
>> You can set the .SSLMethod property in the ThisWebServer.Open method in the WebServer procedure.

you can, but should not, set this property unless there are specific reasons for doing so.
Leaving it alone "as the default" is the best option because the default is updated from time to time to keep in tune with best practices.

Alberto, you should just leave it alone, and yes NetTalk has supported TLS 1.2 for a long time, and with NT11 added support for TLS 1.3 as well.

cheers
Bruce