Weak cipher suits for TLS 1.2 to be disabled

lock
push_pin
done
Besvarat
3

From October 17th the weak cipher suits for TLS 1.2 will be disabled, see screenshot about changes that are currently in sod/stage and will be implemented in production.

Please make sure your integrations, connectors, db mirroring instances still continue to operate normally.

Best regards.

8. okt. 2025 | 11:08 fm

Allt Svar (3)

For others reading along, the 2 cipher suites for TLS 1.2 that are still supported after the 17th (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) are supported on Windows server 2016 and higher.

So if you or a customer is still running Windows server 2012 R2 (or lower...), that will be an issue.

8. okt. 2025 | 11:26 fm

Hi, we are one of those customers with a Windows 2012R2 Server...
Unfortunately we missed this update.

I read that besides migrating or upgrading to 2016 its possible to setup a proxy to receive our calls and forward them to Superoffice and vice versa. Does anyone have any practical experience with this or have an idea about the feasibility?

Regards

 

20. okt. 2025 | 12:03 em
Hi Eddy,

I am unaware of any such proxy possibilities from SuperOffice. Windows Server 2012 R2 is end of life since October 10, 2023. Microsoft customer can purchase Extended Security Updates (ESUs), of which SuperOffice has no affiliation, and your security and our online platform security are paramount.

Best regards.
20. okt. 2025 | 02:32 em

I'll try to run proxy today in our production. I've done some tests locally and it worked fine. I've used Yarp.ReverseProxy package in .NET 8 to build it. It is extremely simple .NET project. 

Every big company (Facebook, Amazon, Google, Microsoft) supports Windows 2012 R2 ciphers. 

21. okt. 2025 | 10:12 fm

Lägg till svar