Enable TLS1.1, TLS1.0, SSLv3, SSLv2Hello Protocols

Only TLSv1.3 and TLSv1.2 are enabled by default for RICOH Streamline NX.

The TLS1.1, TLS1.0, SSLv3, SSLv2Hello protocols are disabled. Communication with external systems that only support these protocols is also disabled. Specifically, the system will be affected as follows:

• RICOH Streamline NX cannot receive @Remote calls from a RICOH device (2011 models and earlier).

• RICOH Streamline NX cannot receive device logs (Job Logs and Access Logs) from a RICOH device (2011 models and earlier).

• RICOH Streamline NX cannot be installed to or be connected with an Embedded Client on a RICOH device (2015 models and earlier).

If necessary, you can enable TLSv1.1 or a lower version of SSL/TLS by using the procedure below but note that it might cause vulnerability in SSL/TLS communications.

1. Log on to the server and stop the following services.

• Core Server: RICOH SLNX Central Manager Service

• Delegation Server: RICOH SLNX Delegation Server Service

You can stop either of the above first.

2. Prepare the following property files provided in the installation media of RICOH Streamline NX.

• sslServer.properties

• sslClient.properties

• sslAtRemoteServer.properties

3. Copy three property files prepared in Step 2 to the "Configuration" folder in the destination to install the server. These files contain the protocols to be enabled or disabled, and the encryption settings to disable dangerous protocols.

4. Start the service stopped in Step 1.

Start "RICOH SLNX Central Manager Service" for the Core Server first, and then "RICOH SLNX Delegation Server Service" for the Delegation Server.

To restore the default settings, stop "RICOH SLNX Central Manager Service" and "RICOH SLNX Delegation Server Service", delete the property files added in Step 3 from the "Configuration" folder, and then start the stopped services again.

When upgrading from RICOH Streamline NX to a newer version, the configuration of the old version remains effective.