Enabling/Enforcing TLS 1.3 while performing installation of Connect:Direct Server on windows 2022 servers using Control Center's new install feature

This section provides steps to enable and enforce TLS 1.3 while performing installation of Connect:Direct Server on windows 2022 servers using Control Center's new install feature.

Before you begin

Before configuring TLS 1.3 for new installation, ensure that Control Center and Connect:Direct support TLS 1.3 and along with the windows server on which the installation is planned.

Note: Windows server below 2022 does not support TLS13 to invoke web request using power shell during Connect:Direct package download step.

About this task

Enabling TLS 1.3 on your Control Center Web Server and Web Browser enhances security and performance. TLS 1.3 is the latest cryptographic protocol, offering faster handshakes, improved security with modern ciphers, and enhanced privacy features.

Follow the below steps to enable TLS 1.3:

Procedure

To enable TLS 1.3:

After extracting the downloaded new deployment package (.zip) file, open the installCDWindows.ps1 file and modify the below lines to add support for TLS13 protocol

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, 
[Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, 
[Net.SecurityProtocolType]::Tls13, [Net.SecurityProtocolType]::Ssl3
[Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Tls13, Ssl3"

To enforce TLS 1.3:
1. After extracting the downloaded new deployment package (.zip) file , open the installCDWindows.ps1 file and modify the below lines to add support for TLS13 protocol
```
[Net.ServicePointManager]::SecurityProtocol =[Net.SecurityProtocolType]::Tls13
[Net.ServicePointManager]::SecurityProtocol = "Tls13"
```
  Attention: Enforcing this for all systems may lead to connection issues, as not all systems support TLS 1.3.