Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add missing TLS Checks for TLS 1.2 #326

Closed
SteffenWinternheimer opened this issue Apr 24, 2023 · 1 comment · Fixed by #452
Closed

Add missing TLS Checks for TLS 1.2 #326

SteffenWinternheimer opened this issue Apr 24, 2023 · 1 comment · Fixed by #452
Assignees
@SteffenWinternheimer @TuemmlerKelch
Labels
bug Something isn't working
Milestone
5.7.1

Comments

@SteffenWinternheimer
Copy link
Collaborator

SteffenWinternheimer commented Apr 24, 2023
edited by TuemmlerKelch
Loading

Currently we only have a check for TLS 1.2 for Server:
grafik

We also should check for TLS 1.2 on Client systems as well.

Default if TLS 1.2 registry path doesn't exist on Windows 11 and Windows Server 2022, it would be still compliant, if the path is null, keep that in mind because these tests would also be tested on older systems (e.g. Windows 7 etc.) due that these tests appear in SecurityBaseData

HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
DisabledByDefault = 0
Enabled = 1

Add to SBD. I will discuss if we will also add this to FB Pro Checks and Benchmark
@SteffenWinternheimer SteffenWinternheimer added this to the 5.6 milestone Apr 24, 2023
@SteffenWinternheimer SteffenWinternheimer self-assigned this Apr 24, 2023
@SteffenWinternheimer SteffenWinternheimer added the bug Something isn't working label Apr 24, 2023
@TuemmlerKelch TuemmlerKelch modified the milestones: 6.0, 5.6 Jul 19, 2023
@SteffenWinternheimer SteffenWinternheimer modified the milestones: 5.6, 5.7 Aug 25, 2023
@SteffenWinternheimer SteffenWinternheimer modified the milestones: 5.7, 5.7.1 Nov 13, 2023
@fbprogmbh fbprogmbh deleted a comment from TuemmlerKelch Nov 13, 2023
@SteffenWinternheimer SteffenWinternheimer modified the milestones: 5.7.1, 5.7 Nov 13, 2023
Merged
@TuemmlerKelch TuemmlerKelch linked a pull request Nov 13, 2023 that will close this issue
Add Client Tests for TLS 1.2 #452
Merged
@TuemmlerKelch TuemmlerKelch changed the title Add missing TLS Checks Add missing TLS Checks for TLS 1.2 Nov 13, 2023
@TuemmlerKelch TuemmlerKelch modified the milestones: 5.7, 5.7.1 Nov 13, 2023
@TuemmlerKelch
Copy link
Collaborator

Merged Pull request, but only solved half of this issue. Please add this to Security Base Data and make sure it has the correct order.
image

@SteffenWinternheimer SteffenWinternheimer mentioned this issue Dec 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SteffenWinternheimer SteffenWinternheimer

@TuemmlerKelch TuemmlerKelch

Labels
bug Something isn't working
Projects
None yet
Milestone
5.7.1
Development

Successfully merging a pull request may close this issue.

Add Client Tests for TLS 1.2 fbprogmbh/Audit-Test-Automation
2 participants
@SteffenWinternheimer @TuemmlerKelch