SSL/TLS problems under legacy operating systems

From Miranda NG
Jump to: navigation, search
This page contains changes which are not marked for translation.

Other languages:
Deutsch • ‎English • ‎русский

Miranda uses built-in Windows API to work with cryptography. Legacy operating systems (like Windows XP) do not support modern encryption algorithms, so Miranda cannot connect to servers that require support for these algorithms.

If you are using a legacy operating system and see SSL/TLS errors in the netlog, try the following steps.

Install update to add TLS 1.1 and TLS 1.2 support (Windows XP only)

KB4019276 from Windows Embedded POSReady 2009 adds TLS 1.1 and TLS 1.2 support to Windows XP.

  • create registry key
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001
  • create registry keys
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
  • reboot operating system

Install OpenSSL plugin

Use PluginUpdater to download and install OpenSSL plugin (don't forget to disable "Use HTTPS" option before downloading).

Disable SSL certificates validation in Miranda

Disable the Options → Network → Validate SSL certificates option.