question

adilahmed avatar image
0 Votes"
adilahmed asked ·

Is Workflow Manger 1.0 supports if disable TLS 1.0 & 1.1 and Enable only TLS 1.2 in Windows Server 2019 Server

Hi,
I installed and configured the Workflow Manager farm for SharePoint 2016 , in one of the Application server .
as per our org policy in App server i disabled TLS 1.0 & 1.1 and enabled only TLS 1.2
After i enable TLS 1.2 below service not started and error in event viewers.

Service Bus Message Broker.

The Microsoft Service Fabric Host Service service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

I installed in App Server
Workflow Manger 1.0 Cumulative Update 5 Installed
Service Bus 1.1. with kb 3086798 Installed

Below are the steps i did after disable TLS 1.2
-I leave the WF farm
-when i join the existing farm
i get below error

Error] [1/13/2021 5:04:41 PM]: System.Management.Automation.CmdletInvocationException: The system cannot find the file specified ---> System.ComponentModel.Win32Exception: The system cannot find the file specified
at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)


I check this link but i already installed updates for Workflow Manger 1.0 Cumulative Update 5 Installed
Service Bus 1.1. with kb 3086798 Installed
https://support.microsoft.com/en-us/help/4077554/add-support-for-tls-1-1-and-tls-1-2-on-service-bus-for-windows-server

Here How can i configure Workflow Manger 1.0 only TLS 1.2 enabled in Windows Server 2019 Server

56300-service-bus-update.jpg
56452-wfm-10-cu-5.jpg
56475-servicebus-dll-version.jpg


office-sharepoint-server-administrationoffice-sharepoint-server-itprosharepoint-workflow-dev
service-bus-update.jpg (19.3 KiB)
wfm-10-cu-5.jpg (38.5 KiB)
servicebus-dll-version.jpg (77.5 KiB)
· 1
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JulieWang-MSFT avatar image JulieWang-MSFT ·

I am currently looking into this issue and will give you an update as soon as possible.

Thank you for your understanding and support.

0 Votes 0 ·

1 Answer

JulieWang-MSFT avatar image
0 Votes"
JulieWang-MSFT answered ·

Hi @adilahmed,

To enable TLS protocol version 1.2 on Workflow Manager Windows Server Registery, try as following then compare the result:

1.Disable RC4 by changing the Enabled key value to 0 at below Register Paths:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
 “Enabled”=dword:00000000
    
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
 “Enabled”=dword:00000000
    
 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
 “Enabled”=dword:00000000

2.Open the Register Editor, navigate to the below path, and add a new DOWRS “SchUseStrongCrypto” with 1 value.

 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319

56380-image.png

3.Repeat the above steps for each workflow manager server, then restart your server to reflect your register changes.

More information for your reference:

https://thesharepointfarm.com/2016/04/tls-1-2-support-workflow-manager-office-online-server/#:~:text=There%20are%20two%20requirements%20to,Second%2C%20add%20the%20SchUseStrongCrypto%20value.

https://spgeeks.devoworx.com/service-bus-message-broker-stuck-on-starting/#:~:text=Service%20Bus%20is%20a%20messaging,Gateway%20Database.

If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



image.png (237.6 KiB)
· 1 · Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

adilahmed avatar image adilahmed ·

Hi, I installed Workflow Manger Farm in Windows Server 2019 and above Registry changes already disabled for RC4 and DOWRS “SchUseStrongCrypto” value 1 already there.

0 Votes 0 ·