Description

It is possible to modify the list of cryptographic protocols for encrypted outbound communication used by the following subsystems:

• Terminal Server
• FlexiSpooler
• Mobile Print Server

For each of these subsystems there exists a configuration property, where you can specify the list of the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol versions to be supported. To change the setting, in Dispatcher Paragon management interface go to the System settings (Expert options) and search for the properties securityProtocolTypesForOutboundCommunication (Terminal Server), fspHttpsSecurityProtocols (FlexiSpooler) and mpsHttpsSecurityProtocols (Mobile Print Server).

The subsystems can be set to use the following versions of the SSL/TLS protocol: SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2. If any of the versions is not present in the list, the corresponding subsystem will not connect to the servers or terminals that only support the removed versions.

In case secure Http communication is enabled, the fspHttpsSecurityProtocols parameter is applied to IPPS communication to a printer and to communication from FSP in nonspooling client mode to FSP in server spooling mode.The specified protocols are used in SSL/TLS handshake from the client side of the outbound communication.

The system property mpsHttpsSecurityProtocols applies for all outbound connections from the Dispatcher Paragon Mobile Print Server: HTTP with the Dispatcher Paragon FleixSpooler, SMTP, POP3, IMAP and EWS with the mail server.

For the secure communication with the Konica Minolta devices (and also Konica Minolta branded devices Olivetti and Develop), the SSL/TLS protocol versions supported depend also on the OpenAPI SDK used. By default, the newer version, 4-13a is enabled, what means support of .NET 4.5 or higher. To use lower versions the configuration property kmOpenApiVersion needs to be set to 4-2.

The subsystem has to be restarted once the property is modified.