How to disable TLS 1.0 and 1.1 to help with performance in 6.6 and beyond in Archer
Versions: RSA Archer 6.6x, especially important in 6.7x+
Issues present as slow save conditions, unexpected errors.
With new security measures, RSA Archer has issues with TLS 1.0 and 1.1 still being present on ANY servers, including the database server.
Some or all of the following errors will be noted in the Windows System log with a source of "Schannel"
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 42. The Windows SChannel error state is 250.
A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 1205.
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
The TLS 1.0 and 1.1 must be disabled on ALL servers for both client and server-side and then servers must be rebooted.
It lets you adjust settings by just checking or unchecking the boxes, and the tool does the work. NOTE: The tool can change the registry incorrectly. If you still have issues, manually check the registry!