Tyler Workflow - Legacy TLS disabled on the server
Testing the Tyler Workflow Connection gives the following error:
Tyler Workflow cannot be reached
Time and Attendance Applicaiton log showed the following error message from the failed test Workflow conneciton:
500 Internal Server Error - An error has occurred
When browsing to the DiagnosticSummary endpoint, https://hostname/instance/tylerworkflow/api/api/diagnosticsummary, it gives the following error:
An error has occurred
In the Event Viewer, the following Schannel errors are shown in the Windows System logs:
An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
 The SSPI client process is svchost[TermService] (PID: 1948).
An unknown connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
 The SSPI client process is SYSTEM (PID: 4).
An TLS 1.1 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed.
 The SSPI client process is SYSTEM (PID: 4).
A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
 The SSPI client process is w3wp (PID: 12144).
The Workflow dashboard, https://hostname/instance/tylerworkflow/dashboard, doesn't show the status graph.
Pressing F12 for the Developer tools while on the Workflow dashboard, under Console shows the HealthCheck chart source URL with the following errors:
An error occurred while sending the request
The underlying connection was closed: An unexpected error occurred on a receive
The client and server cannot communicate, because they do not possess a common algorithm
Time and Attendance
ExecuTime
TWF
Tyler Workflow
Schannel
TLS 1.0/1.1./1.2
Registry
Legacy TLS 1.0 and 1.1 disabled on the server causing Tyler Workflow is lose communication with the server
Select Windows Start
Type Regedit and press Enter
Navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
Right click in the empty white space and select New > DWORD (32-bit) Value
Type SystemDefaultTlsVersions and press Enter
Double click the entry and select Decimal
Type 1 in the Value Data field
Right click in the empty white space and select New > DWORD (32-bit) Value
Type SchUseStrongCrypto and Press Enter
Double click the entry and select Decimal
Type 1 in the Value Data field
Navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
Repeat steps 4-11 to add the same registry entry and values to this location
Reboot the server for the changes to apply
How to check and confirm if TLS 1.0 and 1.1 are disabled: See https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#tls-10
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
 Â
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
 Â
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"Enabled"=dword:00000000
 Â
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"Enabled"=dword:00000000