* This applies to SafeConsole On-Prem and up

As of SafeConsole 5.3.2 Build 273, TLS 1.0/1.1 support has been removed by default from SafeConsole. This includes new and upgraded installations. This change was made to provide greater security and compliance with strict regulations. Devices not on client 4.8.5 or greater should either be updated or replaced. If you prefer to re-enable older TLS support the following instructions can be followed.

SafeConsole 5.6+

In SafeConsole 5.6 and later TLS 1.0/1.1 can be enabled on the final step of the configurator with a checkbox. 

SafeConsole versions older than 5.6

  1. Stop the SafeConsole service. This can be done 3 ways:
    • Running the command: net stop safeconsole
    • Stop with Microsoft services Snap-in
    • Opening the SafeConsole Configurator

  2. Go to the SafeConsole install folder. By default, this is located at C:\Program Files (x86)\safeconsole

  3. Open server.xml.template in the conf folder with a text editor as an admin

  4. Find the line that states:  sslProtocols="TLSv1.2"

  5. Change it to:  sslProtocol="TLS" Note that the final "s" is removed from "sslProtocols"

  6. Save the change.

  7. Run the Configurator and keep all other settings. SafeConsole will start and legacy TLS will be enabled.