Change the TLS version

Change the TLS version to 1.2

Microsoft does not use TLS 1.2 for the .NET Framework 4.5 by default, so customizing the keys forces the use of TLS 1.2.
Applications compiled with a specific framework (e.g. 4.5) will not use a newer version (e.g. 4.7.2), even if it is installed.

ScriptRunner versions below 2020 are using the .NET Framework 4.5 i.e. TLS versions under 1.2.

ScriptRunner does not set a TLS version, instead it adopts the Windows settings. We recommend upgrading your ScriptRunner version to 2020 or later, therefore a TLS upgrade won't be necassary.

To force the TLS version 1.2 on your ScriptRunner instance, you need to edit four registry keys on your ScriptRunner server.

Open your Registry Editor and change the following settings:

In case the keys are not existing, they must be created in the first place as DWORD.

Path Key Value
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
SystemDefaultTlsVersions 1
SchUseStrongCrypto 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
SystemDefaultTlsVersions 1
SchUseStrongCrypto 1

 

Further information about TLS can be found in the Microsoft Docs.