FAQ: Is TLS 1.2 and 1.1 Supported on Web Interface 5.4?

Q: Is TLS 1.2 and 1.1 supported on Web Interface 5.4?

A: No, upgrade to StoreFront 3.x for TLS 1.2 and 1.1 support.

For incoming requests, Web Interface relies on IIS to service the HTTPS request. Some of the platforms that are supported do have TLS 1.1 and 1.2 in IIS. However, it is the back-end communication to the XenApp/XenDesktop XML service that does not support TLS 1.1 and 1.2.

On page 173 of the product documentation guide for Web Interface 5.4 you will find the following paragraph:

“Transport Layer Security –

Transport Layer Security (TLS) is the latest, standardized version of the SSL protocol. The Internet Engineering Taskforce (IETF) renamed it TLS when they took over responsibility for the development of SSL as an open standard. Like SSL, TLS provides server authentication, encryption of the data stream, and message integrity checks.

Support for TLS Version 1.0 is included in all supported versions of XenApp for Windows and XenDesktop. Because there are only minor technical differences between SSL Version 3.0 and TLS Version 1.0, the server certificates you use for SSL in your installation also work with TLS.

Some organizations, including U.S. government organizations, require the use of TLS to secure data communications. These organizations may also require the use of validated cryptography, such as Federal Information Processing Standard (FIPS) 140. FIPS is a standard for cryptography.

Note: The maximum SSL/TLS certificate key size supported by the Web Interface for Java Application Servers is 2048 bits.”

Additional Resources


Leave a Reply