Versions Compared

Old Version 9

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version 10

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_docset_workflow
AUTH1
DEV1
LDEV1
SVT1
LSVT1
AUTHJIDSYM-20206

Overview

After the

Spacevars
0company
Spacevars
0longproduct
obtains the required certificates, configuration of several options/attributes on both the server and client is necessary before TLS can employ the certificate(s) in establishing a secure connection. The attributes are configured in TLS profiles. Attributes include, but are not limited to, such things as Client Ciphers, and inactivity timeouts.

TLS Profiles are used by SIP Signaling Groups when the TLS transport type is selected for incoming and outgoing SIP trunks (Listen Ports), and in SIP Server Tables when TLS is selected as the Server Host protocol.

Spacevars
0company
Spacevars
0longproduct
supports only The SBC supports TLS 1.0 , SSL Only, TLS 1.2 Only, and TLS 1.0-1.2. SSL 3.0 and SSL 2.0 are not supported due to security risks and vulnerabilities.

TLS 1.2 Only Requirements

The table below lists requirements, such as client, cumulative updates, etc. that are required for using TLS 1.2.

Caption
0Figure
1TLS 1.2 Requirements
TLS 1.2Required
Skype for Business On Premises SBA(tick)
WS2012R2 ASM(tick)

Valid with Clients:

  • Lync 2013 (Skype for Business) Desktop Client, MSI and C2R, including Basic 15.0.5023.1000 and higher
  • Skype for Business 2016 Desktop Client, MSI 16.0.4678.1000 and higher, including Basic
  • Skype for Business 2016 Click to Run Require the April 2018 Updates:
    • Monthly and Semi-Annual Targeted – 16.0.9126.2152 and higher
    • Semi-Annual and Deferred Channel – 16.0.8431.2242 and higher
(tick)
Cumulative Updates - Skype for Business - March 2018 or Higher(tick)
ASM Roll-up - June 2018. Apply the Security Template after applying the ASM RollUp.(tick)

Before enabling TLS 1.2 Only on SBA, prepare the Skype for Business environment.

Refer to:  https://blogs.technet.microsoft.com/nexthop/2018/04/18/disabling-tls-1-01-1-in-skype-for-business-server-2015-part-1

(tick)

Working with TLS Profiles

...