Disable TLS 1.0

For general questions and discussions specific to the AbleCommerce GOLD ASP.Net shopping cart software.
Post Reply
dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Disable TLS 1.0

Post by dandersonMLT » Tue Jul 11, 2017 5:11 pm

I am running AbleCommerce GoldR10 (build 8302) on Windows Server 2008 R2.
I have already enabled TLS 1.2 on the server, and other applications are using it with no issue.

However, when I disable TLS 1.0 on the server I receive the following message when I try to connect to my AbleCommerce site:
"This file is required by IIS so that your website can be accessed without a file name specified.

To edit your home page, log in to the merchant administration and go to Website > Webpages.

If you are seeing this message from the browser, you either haven't completed the web based installation for the application or something has been misconfigured."
Re-enabling TLS 1.0 on the server resolves the issue and the site begins loading again as expected.
However, I still need to disable TLS 1.0 for PCI compliance.

I'm not sure why disabling TLS 1.0 is causing the AbleCommerce site to show the message above instead of loading the site.

Any help would be greatly appreciated.

Thanks!

User avatar
Katie
AbleCommerce Admin
AbleCommerce Admin
Posts: 2651
Joined: Tue Dec 02, 2003 1:54 am
Contact:

Re: Disable TLS 1.0

Post by Katie » Wed Jul 12, 2017 1:46 am

Hi there,

Please take a look at this document in our help site-

http://help.ablecommerce.com/index.htm# ... ls_1.2.htm

You'll need to know the version of Asp.net that Able is running under.

Also, there is a free service release for Gold R10. You should think about applying it because it is the first version that was PCI certified.
http://help.ablecommerce.com/index.htm# ... ld_r10.htm

Hope this helps!
Katie
Thank you for choosing AbleCommerce!

http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support

jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Re: Disable TLS 1.0

Post by jguengerich » Wed Jul 12, 2017 1:51 am

You may need to update your SQL Server installation to an SP that can utilize TLS 1.2. See here for some more info:
https://support.microsoft.com/en-us/hel ... sql-server

EDIT: changed SR to SP
Jay

dandersonMLT
Lieutenant Commander (LCDR)
Lieutenant Commander (LCDR)
Posts: 95
Joined: Sun Oct 04, 2015 5:45 pm

Re: Disable TLS 1.0

Post by dandersonMLT » Tue Aug 01, 2017 5:00 pm

Thank you both for your help.

I followed both suggestions and everything seems to be working as expected.

User avatar
Katie
AbleCommerce Admin
AbleCommerce Admin
Posts: 2651
Joined: Tue Dec 02, 2003 1:54 am
Contact:

Re: Disable TLS 1.0

Post by Katie » Wed Aug 02, 2017 12:37 am

Thanks Jay for the extra info on SQL server. I will make sure this gets added to our TLS upgrade doc.

Katie
Thank you for choosing AbleCommerce!

http://help.ablecommerce.com - product support
http://wiki.ablecommerce.com - developer support

User avatar
AbleMods
Master Yoda
Master Yoda
Posts: 5170
Joined: Wed Sep 26, 2007 5:47 am
Location: Fort Myers, Florida USA

Re: Disable TLS 1.0

Post by AbleMods » Thu Aug 03, 2017 2:29 am

I had to do the same thing on my SQL server. Once I disabled TLS 1.0 client on the web server, the website could no longer talk to the database server. I had to do what Jay suggested, update the SQL on the database server so it would respond to TLS 1.2 requests.
Joe Payne
AbleCommerce Custom Programming and Modules http://www.AbleMods.com/
AbleCommerce Hosting http://www.AbleModsHosting.com/
Precise Fishing and Hunting Time Tables http://www.Solunar.com

Post Reply