Does BC/NAV require TLS (on the server)?

  • Business Central / NAV UG

    Does BC/NAV require TLS (on the server)?

    Posted by Lewis Rosenberg on January 26, 2024 at 5:21 pm

    Our server team wants to disable TLS 1.0 and 1.1 (keeping 1.2 enabled). They are asking if that will affect Business Central (BC14 on premise). Does anyone know anything about this?

    Lewis Rosenberg replied 3 months ago 3 Members · 4 Replies
  • 4 Replies

  • Jeff Woodard

    Member
    January 26, 2024 at 6:21 pm
    Up
    0
    Down
    ::

    I can’t speak specifically to BC, but I suspect your major impacts will be on the SQL server, web server, and web clients rather than NAV/BC. It is a very good security measure to adopt. We did this about 2 years ago with on-prem SQL and web servers, and didn’t have any major issues. I recall we did have some unexpected issues with MS Office (I can’t recall specifically what), and had a couple of PC clients that got missed. Research any specific settings needed if you’re running older versions of SQL or Windows Server. Here’s the official documentation from MS including the registry key settings: https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-server. We found this handy tool that made the updates a lot easier than manually adjusting the reg keys: https://www.nartac.com/Products/IISCrypto. There is a lot of rebooting needed, so be mindful of your backup schedules. Windows event viewer will also be your friend to identify servers and/or software that might not be using the expected TLS version.

    learn.microsoft.com

    404 - Content Not Found

    404 - Content Not Found

    • Lewis Rosenberg

      Member
      January 27, 2024 at 12:07 am
      Up
      0
      Down
      ::

      Thank you Jeff. Right now this only concerns the service tier server and not the SQL server, so hopefully nothing to be concerned about….yet.

  • Sean Nguyen

    Member
    January 28, 2024 at 1:33 pm
    Up
    0
    Down
    ::

    Yes like Jeff said I would monitor for any issues in the event log. We recently made the change thinking it’s only our SQL server without realizing we have third party integrations that weren’t “TLS” ready and ended up undoing the change and reenabled SSL until our vendor updated their code.

    • Lewis Rosenberg

      Member
      January 29, 2024 at 11:33 am
      Up
      0
      Down
      ::

      Thanks for all of the responses.

      I just learned that TLS can affect SMTP functionality from BC/NAV and that BC 14 Service defaults to using TLS 1.2 but this is controlled within the customsettings.config.



The discussion ‘Does BC/NAV require TLS (on the server)?’ is closed to new replies.

Start of Discussion
0 of 0 replies June 2018
Now

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .

Welcome to our new site!

Here you will find a wealth of information created for people  that are on a mission to redefine business models with cloud techinologies, AI, automation, low code / no code applications, data, security & more to compete in the Acceleration Economy!