Our FNO is effectively frozen at 2018R1 but time and tide are against us. With Microsoft deprecating TLS versions, we find that our current server is unable to connect out to send emails and system admins tell me it's because the FNO is trying to use TLS1.1
How do I reconfigure the FNO to use more modern versions of TLS?
I'm open to anything, up to and including hacking .xml files in the deployment if I have to.
We HAVE previously applied the hotfix relating to the Google SMTP issue but this is a seperate problem as far as I'm aware. Switching SMTP providers brought extra restrictions that we now need to live by.
Hi @jefflaing Unfortunately, there isn't a hotfix available for 2018R1. However, this issue was resolved in 2024R1. Please refer to the document link for more details.
If you want to handle the TLS problem without upgrading the FNO, you may need to use an external SMTP relay server and configure it to accept TLS1 for incoming connections (emails from FNO)and relay using TLS 1.2 for outbound connections (SMTP server).
I hope your IT/email server handling team can better assist you in configuring that setup. Please let me know your feedback.
Hi @jefflaing Unfortunately, there isn't a hotfix available for 2018R1. However, this issue was resolved in 2024R1. Please refer to the document link for more details.
As I said, we are frozen at 2018R1 at the moment due to dependency on the backend database (Oracle) which will be an enormous amount of work to port. As it stands, my management are looking at other licensing vendors precisely because of the difficulty in upgrading.
I was hoping that the issue would be somewhere in the plethora of Java .xml configuration files in the deployment.
Finally, I also note that the linked document says "fixed in 2024R1" but then goes on to say "unless you deploy on a VM" which is exactly what we do.
(As an aside, I'm not sure who accepted this response as a solution - I certainly didn't because for us, it isn't).
If you want to handle the TLS problem without upgrading the FNO, you may need to use an external SMTP relay server and configure it to accept TLS1 for incoming connections (emails from FNO)and relay using TLS 1.2 for outbound connections (SMTP server).
I hope your IT/email server handling team can better assist you in configuring that setup. Please let me know your feedback.
