Overview:
Due to popular web browsers dropping support for TLS1.0 and TLS1.1 protocol, when you login to EPS console, the error "ERR_SSL_VERSION_OR_CIPHER_MISMATCH” appears. This occurs only with EPS Server installed on legacy operating systems (where TLS 1.2 protocol is not enabled/supported).
Applicable Operating System: Microsoft Windows 7 and earlier
Applicable EPS Versions: Seqrite EPS 7.x
Applicable Browser versions:
Description:
When you log in to the EPS console webpage, the following error prompt appears in the browser.
Reason:
This behavior is due to either the browser or operating system not supporting TLS1.2 protocol.
Solution:
Seqrite recommends installing EPS Server on the latest operating system.
Alternatively, you can use the following workarounds:
Workaround 1: Use older web browser versions to access EPS web console.
Workaround 2: Enable TLS 1.2 on Windows 7 and Windows 2008 R2 to access EPS web console on the latest browsers.
To enable TLS 1.2, follows these steps,
1. Right-click Start, then select Run. Type regedit in the Open: box, and then select OK. The Registry Editor window appears.
2. In the Registry Editor window, select the topmost Computer option.
3. To take a backup of the registry, click File > Export. Save the registry file.
Important: In this method, you are editing the registry. This may have detrimental effects on your computer if done incorrectly, so it is strongly recommended to make a backup.
4. In the Registry Editor window, browse to the following registry key.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
5. Right-click the Protocols folder. Select New > Key from the drop-down menu.
This creates a new key folder.
6. Rename the new key folder as TLS 1.2.
7. Right-click the TLS 1.2 key folder and add a new key to that folder.
8. Rename the new key as Server.
9. Right-click the Server key. Select New > DWORD (32-bit) Value from the drop-down list.
10. Rename DWORD to DisabledByDefault.
11. Right-click the name DisabledByDefault and select Modify... from the drop-down menu.
12. Ensure that the Value data field is set to 0 and the Base is Hexadecimal. Click OK.
13. Create another DWORD for the Server key as you did in Step 9.
14. Rename this second DWORD to Enabled.
15. Right-click the name Enabled and select Modify... from the drop-down menu.
16. Ensure that the Value data field is set to 1 and the Base is Hexadecimal. Click OK.
17. Close the Registry Editor window.
18. Reboot the server.
(For more details, please refer TLS1.2 section on this URL.)