To enable the feature that allows users to activate licenses directly from the License Utility, a global registry setting was added to enable Transport Layer Security (TLS) 1.2. Per Microsoft's recommendations (link below), this change enables TLS 1.1 and TLS 1.2 while disabling deprecated, and soon to be deprecated, protocols (such as SSL and TLS 1.0).
The registry key is called "DefalutSecureProtocols" and is located in HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp (or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp on a 32bit Operating system). The value is set to "0xA00" to enables TLS versions 1.2 and 1.1.
Problem
After installing KEPServerEX 6.0 and higher, some applications (such as Microsoft Office/Exchange and Cisco AnyConnect) no longer function as expected.
Solution 1 - Upgrade
Update applications that are using protocols such as SSL and TLS 1.0.
Solution 2 - Re-enable the Protocols
- Launch regedit.exe.
- Browse to: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp (or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp on a 32bit Operating system).
- Change the value of DefaultSecureProtocols from 0xA00 to 0xAA8.
Solution 3 - Delete the DefalutSecureProtocols Registry Key
- Launch regedit.exe.
- Browse to: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp (or HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp on a 32bit Operating system).
- Delete DefaultSecureProtocols.
Re-installing KEPServerEX reintroduces this key.
Note: Changes made to the DefalutSecureProtocols key may prevent the ability to activate licenses directly from the License Utility.