Per PCI 3.2, TLS 1.0 will soon be required to be disabled. We tested this out on a few of our servers with Pulseway and after doing so the Pulseway Agent on the server stop reporting into the Pulseway Console. When trying to verify the account on the Pulseway Manager 5.1 we got the following error:
An error occurred while receiving the HTTP response to https://ws15.pulseway.com/Server.svc. This could be due to the service endpoint binding not using the HTTP protocol. This could also be due to an HTTP request context being aborted by the server (possibly due to theservice shutting down). See server logs for more details.
The only way to fix it was to re-enable the TLS 1.0 Client Protocol here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client
I checked Pulseway's SSL Cert on Qualys SSL and it said it accepted TLS 1.0 to 1.2 but it must be something in the Agent code that limits it to TLS 1.0.
Not sure if this should be a Bug or Feature request but just wanted to make the team aware of the issue.
Thanks!
ITSourcePro
