THIS IS ARCHIVED DOCUMENTATION

SSL/TLS Support

In this article

When establishing an HTTPS connection with a system, it may use different protocols. This article describes which protocols are supported by the various releases of Coveo for Sitecore, Coveo Platform, and Coveo Enterprise Search 7.

Support in Coveo for Sitecore

Coveo for Sitecore release

SSL 3.0

TLS 1.0

TLS 1.1

TLS 1.2

Starting April 2016

Yes

Yes

*

*

Starting October 2016

Yes

Yes

Yes

Yes

* The protocol is supported by installing an additional Sitecore package. See the next section for instructions.

Installing the Enable_TLS_1_2.zip package

The Enable_TLS_1_2.zip package allows Coveo for Sitecore to use the TLS 1.1 and/or TLS 1.2 protocols when establishing an HTTPS connection.

  1. Download the package: Enable_TLS_1_2.zip.

  2. Open Sitecore’s Installation Wizard (Sitecore Menu  Developers Tools  Installation Wizard).

  3. Upload and install the package.

The package will deploy two files:

  • App_Config\Include\EnableTls12.config: This file registers a processor into the initialize Sitecore pipeline that then allows the TLS 1.1 and/or 1.2 to be used by the application.

  • bin\EnableTls12.dll: This assembly contains the processor.

The EnableTls12.config file can be modified to allow only TLS 1.1 or TLS 1.2. Note that the processor can either enable a protocol or leave the default; it won’t disable any protocol.

<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
  <sitecore>
    <pipelines>
      <initialize>
        <processor type="EnableTls12.EnableTls12Processor, EnableTls12">
          <EnableTls1_1>true<{site-baseurl}ableTls1_1>
          <EnableTls1_2>true<{site-baseurl}ableTls1_2>
        </processor>
      </initialize>
    </pipelines>
  </sitecore>
</configuration>

For example, to enable only the TLS 1.2 protocol, set the elements as follow:

<EnableTls1_1>false<{site-baseurl}ableTls1_1>
<EnableTls1_2>true<{site-baseurl}ableTls1_2>

Support in Coveo Platform

Coveo Platform

SSL 3.0

TLS 1.0

TLS 1.1

TLS 1.2

As of November 2017

No

No

Yes

Yes

Support in Coveo Enterprise Search 7 (CES 7)

Coveo Enterprise Search 7 release

SSL 3.0

TLS 1.0

TLS 1.1

TLS 1.2

Starting March 2016 (7.0.8225)

Yes

Yes

Yes

Yes
Note

Ensure that all available ciphers in the red rectangle are enabled on the CES server. For Windows Server 2012 R2 and earlier, TLS_PSK cipher suites aren’t available and not required (see Microsoft’s Cipher Suites in TLS/SSL). We recommend using IIS Crypto to examine the security protocols and ciphers.

We recommend using IIS Crypto^ to examine the security protocols and ciphers | Coveo for Sitecore 4