I'm having trouble shutting down TLS 1.0 on my Windows 7 SP1 client machines and still being able to process credit cards.
Windows 7 Pro Sp1
SQL Server 2008 R2 SP3 with TLS 1.2 hotfix
Retail Realm Cayan Processing Manager plug in Ver 22.214.171.124
Cayan Genius Terminal
RMS works fine with TLS 1.0 disabled in registry Protocol keys, until I run a credit card transaction and then I get the following error:
As soon as I enable TLS 1.0 in the registry, it works fine.
How can I fix this so that I can turn off TLS 1.0 to be PCI compliant on July 1 2018?
Sorry that the error didn't show up. Here it is in text:
Heading "RR RMS Cayan Payment Processing - Sale"
Error Message "Result: An error occurred while making the HTTP request to transport.merchantware.net/.../transportService.asmx"
Hi Nathan, I'm get conflicting information from different processors as to whether the solution you have can be TLS compliant. I'll let you know if I get a clear and concise answer from Cayan or Retail Realm. For now we have been advising customers to have stand alone payment terminals (or Square) ready just in case the processing stops working (or switch to another solution for RMS like Card Defender/upgrade to Retail Management Hero/Cloud Retailer). You should also ask your Microsoft Dynamics RMS Partner for advice as well. If you do not have a Microsoft Dynamics RMS Partner, paid support is available from Microsoft by calling 888-477-7877. We also offer paid support at RITE: 888-267-7483.
I thought I had the latest Retail Realm Cayan Processing Manager plug in. It wasn't. However Version 126.96.36.199 seems to have fixed the problem. I'll do some more testing and let you all know if it is truly fixed.
Hi Nathan, Did the 188.8.131.52 version of RR Cayan Processing Manager fix the issue with the TLS error?
Ok, here is what I've figured out so far by trial and error and it now works: (be aware, I'm an amateur)
The newer version of the RR software did fix the Retail Realm issue, but some other things need to be setup before TLS 1.0 is disabled enough to allow Genius machine to work.
A number of patches will have to be installed:
Depending on your SQL version you will probably have to patch it to enable TLS 1.1 and TLS 1.2. Older versions don't support TLS 1.1 or 1.2.
The Native Client component may also have to be patched for the same reason
OLE DB may need to be patch also (same reasons).
Windows 7 - Server computer: Add the following keys to the registry:
add Dword "DisabledByDefault" value = 1
add Dword "Enabled" value = 0
Windows 7 Client Computers: Add the following keys to the registry:
All Windows 7 computers: Add the following keys to the registry (TLS 1.1 keys may not be necessary though they won't hurt either):
add Dword "DisabledByDefault" value = 0
add Dword "Enabled" value = 1
add Dword "DefaultSecureProtocols" value = 2560 decimal (this allows both TLS 1.1 and TLS 1.2 to be the defaults)
I'm sure I've missed something, but I believe those were the steps I made to get things to work on Windows 7. I'm now setting up Windows 10 on all my computers and going through a similar process. I've got it working on Win10 machines but I can't access the database in RMS from the server computer itself. just from other client machines. I believe it is because the SQL server is not only a server, but also a client to TSYS (Genius device processor).
Business Applications communities