Disabling TLS 1.0 and using TLS 1.2 in existing Nymi Enterprise Edition Deployment

To use TLS 1.2 and disable the use of TLS 1.0 in an existing NES deployment that uses SQL Express 2012, perform the following steps.

 

Pre-requisites
Perform the following action on the NES server


1. Keep TLS 1.0 enabled and TLS 1.2 disabled.
2. Install SQL Server Management Studio (ssms).
3. Download SQL Express 2017 SP1

Backup the NES specific databases

1. Stop IIS by using IIS Manager.
2. Launch SSMS.
3. Connect to the SQL instance.  
4. Expand Databases.
5. Right click the Nymi.nes database and then select Tasks > Back up
NOTE:  If your database name is not Nymi.nes, select the name that appears in your env.
6. From the Backup type list, select Full.
Make note of the destination directory.
7. Click OK.
8. Start IIS.

Remove SQL 2012 and install 2017

1. Remove SQL Express 2012.
2. Restart the NES server.
3. Install SQL Express 2017.


Restore the Nymi.nes database

1. Run SSMS.
2. Connect to the SQL instance.
3. Right-click Databases and then select Restore Database.
4. In the left navigation pane of the Restore Database window, click Options.
5. Select Overwrite existing database (WITH REPLACE).
6. In the left navigation pane click General.
7. In the Source section, select Device and then click the Elispses (...).
8. On the Select backup devices window, click Add.
9. Navigate to the MSSQL11.SQLEXPRESS subfolder and then expand MSSQL > Backup.
10. Select the Nymi.nes.bak file and then click OK.
11. On the Select backup devices window, click OK.
12. Click Verify Backup Media.  (no errors should appear)
13 Click OK.

Verify that NES database is ok

1. Log into the NES admin console and search for a user. 
2. When the user appears, click the hypertext link and ensure that you can see the properties of the user.
3. On the Policies tab, edit your policy and make sure that the settings are the same (ie band label is enabled).


Enable TLS 1.2 and ensure that the SQL database is ok

1. Disable TLS 1.0
2. Enable TLS 1.2. 
3. Ensure that SSL 3.0 is disabled.
4. Stop and restart the SQL service.
5. Log into the NES admin console and search for a user. 
6. When the user appears, click the hypertext link and ensure that you can see the properties of the user.

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
Share