Bgrenon/4
| Product(acting as client) | Product'Connections
(acting as server) |
TLS 1.2 Support Release # | Mutual TLS Support | Host configuration on MS support | FIPS Support | SHA_2'CERT'Support | Sec-protocol option support | Open JIRA# | Comments |
| UCS | ' | 8.5.300.01 | ' | YES | Pending | YES | YES | <a class="jira-issue-key" href="https://jira.genesys.com/browse/ESR-11474"><img class="icon" src="https://jira.genesys.com/secure/viewavatar?size=xsmall&avatarId=21399&avatarType=issuetype" />ESR-11474</a>-Disable Medium cipher for UCS and let it work under TLSv1.2CLOSED | Upgrade Java 7 to version jdk1.7.0_131'Add this string to UCS startup command for client TLSv1.2 support:
-Djdk.tls.client.protocols="TLSv1, TLSv1.1, TLSv1.2"'Add this string to UCS startup command for server to accept TLSv1.2 connections only and reject SSLv3, TLSv1, TLSv1.1: -Djdk.tls.disabledAlgorithms="SSLv2Hello,SSLv3,TLSv1,TLSv1.1Add this string to UCS startup command to support SSL debug messaging: 'NOTE:'for UCS 8.5.3x: PSDK upgraded from 814 to 855 that support PEM format in private key. (do not need to convert to pkcs8); sec-protocol is supported |
| CS | 8.5.100.22 | YES | N/A | Pending | YES | ||||
| MS | 8.5.100.13 | YES | YES | Pending | YES | ||||
| Chat Server | 8.5.107.11 | YES | N/A | Pending | YES | ||||
| Inx Server | 8.5.109.01 | YES | N/A | Pending | YES | ||||
| Email Server | 8.5.104.06 | YES | N/A | Pending | YES | ||||
| LCA | 8.5.100.20 | YES | N/A | Pending | YES | ||||
| Social Media Server | 8.5.400.03 | YES | N/A | Pending | YES | ||||
| Email Server'''' | ' | 8.5.104.06 | ' | YES | Pending | YES | YES | ' | JIRA #<a class="external-link" href="https://jira.genesys.com/browse/ESR-12974" rel="nofollow">ESR-12974</a>UCS doesn't support security option 'sec-protocol’ was opened against v. 8.5.104.06. Issue Closed v. 8.5.104.08'''' |
| CS | 8.5.100.22 | YES | N/A | Pending | YES | ||||
| MS | 8.5.100.13 | YES | N/A | Pending | YES | ||||
| Inx Server | 8.5.109.01 | YES | N/A | Pending | YES | ||||
| UCS | 8.5.100.19 | YES | N/A | Pending | YES | ||||
| Social Media Server | . | 8.5.400.03 | YES | YES | Pending | YES | YES | ' | JIRA # ESR-12975 Social Media Server doesn't support security option ‘sec-protocol’’'''' |
| CS | 8.5.100.22 | YES | N/A | Pending | YES | ||||
| MS | 8.5.100.13 | YES | YES | Pending | YES | ||||
| UCS | 8.5.100.19 | YES | N/A | Pending | YES | ||||
| Inx Server | 8.5.109.01 | YES | N/A | Pending | YES | ||||
| UCS Proxy | ' | 8.5.100.04 | YES | YES | YES | YES | YES | <a class="jira-issue-key" href="https://jira.genesys.com/browse/ESR-11911"><img class="icon" src="https://jira.genesys.com/secure/viewavatar?size=xsmall&avatarId=17690&avatarType=issuetype" />ESR-11911</a>-support of TLSv1.2 by UCS ProxyCLOSED | ' |
| UCS | 8.5.100.19 | YES | N/A | ' | YES | ||||
| CS | 8.5.100.22 | YES | N/A | ' | YES | ||||
| MS | 8.5.100.13 | YES | YES | ' | YES | ||||
| Avaya TS | ' | 8.1.010.30 | YES | YES | YES | YES | YES | 'TS-11337'TS-11338 | ' |
| CS | 8.5.100.22 | YES | N/A | ' | YES | ||||
| MS | 8.5.100.13 | YES | N/A | ' | YES | ||||
| ISCC | 8.1.010.30 | YES | N/A | ' | YES | ||||
| HA | 8.1.010.30 | YES | N/A | ' | YES | ||||
| OCS | ' | 8.1.508.02 | YES | YES | YES | YES | 'YES'v.8.1.508.01+ | OUTBOUND-9557 | JIRA #<a class="external-link" href="https://jira.genesys.com/browse/OUTBOUND-9576" rel="nofollow">OUTBOUND-9576</a>; OCS do not support security option 'sec-protocol' in v.8.1.508.00. Fixed in v.8.1.508.01==OCS was verified on: Linux 64 and Windows 2008R'JIRA#<a class="external-link" href="https://jira.genesys.com/browse/OUTBOUND-9528" rel="nofollow">OUTBOUND-9528</a>: TLS support on ‘host’ level of MS, fixed in v.8.1.508.06'''' |
| MS | 8.5.100.13 | YES | YES | ' | YES | ||||
| CS | 8.5.100.22 | YES | N/A | ' | YES | ||||
| SIP | 8.1.102.58 | YES | N/A | ' | YES | ||||
| Avaya TS | 8.1.010.30 | YES | N/A | ' | YES | ||||
| Inx Server | 8.5.109.01 | YES | N/A | ' | YES | ||||
| DB Server | 8.1.300.06 | YES | N/A | ' | YES | ||||
| Stat Server | 8.5.102.00 | YES | N/A | ' | YES | ||||
| ORS | ' | 8.1.400.58 | YES | YES | YES | YES | YES | ORS-3195 | 'ORS can't establish secure connection to Message Server if ORS certificate is configured on Host level. JIRA #ORS-3235'SS can't establish secure connection to Message Server if Stat Server’s certificate is configured on Host level. JIRA #SS-7545 |
| MS | 8.5.100.13 | YES | YES | ' | YES | ||||
| CS | 8.5.100.22 | YES | N/A | ' | YES | ||||
| URS | 8.1.400.22 | YES | N/A | ' | YES | ||||
| Stat Server | 8.5.107.00 | YES | N/A | ' | YES | ||||
| SIP | 8.1.102.58 | YES | N/A | ' | YES | ||||
| Inx Server | 8.5.109.01 | YES | N/A | ' | YES | ||||
| ICON | ' | 8.1.514.03 | YES | YES | YES | YES | YES | ICON-5324 | ICON can't establish secure connection to Message Server if ICON’s certificate is configured on Host level. JIRA: ICON-5460'ICON do not support 'sec-protocol'. JIRA #ICON-5461 (Fixed in v<a class="external-link" title="8.1.514.07 - GA" href="https://jira.genesys.com/secure/IssueNavigator.jspa?reset=true&mode=hide&sorter/order=ASC&sorter/field=priority&pid=11212&customfield_11350=81332" rel="nofollow">8.1.514.07</a>)'''' |
| CS | 8.5.100.22 | YES | N/A | ' | YES | ||||
| MS | 8.5.100.13 | YES | YES | ' | YES | ||||
| DB Server | 8.1.301.03 | YES | N/A | ' | YES | ||||
| SIP | 8.1.102.58 | YES | N/A | ' | YES | ||||
| OCS | 8.1.508.00 | YES | N/A | ' | YES | ||||
| IS | 8.5.109.01 | YES | N/A | ' | YES | ||||
| Classification'Server'''' | ' | 8.5.300.01 | YES | YES | Pending | YES | YES | <a class="jira-issue-key" href="https://jira.genesys.com/browse/KM-3291"><img class="icon" src="https://jira.genesys.com/secure/viewavatar?size=xsmall&avatarId=21399&avatarType=issuetype" />KM-3291</a>-[CONSULT] Classification Server supported for TLS1.2CLOSED | Classification Server was verified on: Linux 64 and Windows 2008R |
| CS | 8.5.100.22 | YES | N/A | Pending | YES | ||||
| CS Proxy | 8.5.100.22 | YES | N/A | Pending | ' | ||||
| MS | 8.5.100.13 | YES | YES | Pending | YES | ||||
| UCS | 8.5.100.19 | YES | N/A | Pending | YES | ||||
| LCA | 8.5.100.20 | YES | N/A | Pending | YES | ||||
| Inx Server'''' | ' | 8.5.110.01 | ' | YES | ' | YES | ESR-12853<a class="external-link" href="https://jira.genesys.com/browse/ESR-13033" rel="nofollow">ESR-13033</a> | Interaction Server was verified on: Linux 64 and Windows 2008R | |
| Client to: | |||||||||
| CS | 8.5.100.22 | YES | N/A | YES | YES | ||||
| CS Proxy | 8.5.100.22 | YES | N/A | YES | YES | ||||
| MS | 8.5.100.13 | YES | YES | YES | YES | ||||
| LCA | 8.5.100.20 | YES | N/A | YES | YES | ||||
| UCS | 8.5.100.19 | YES | N/A | YES | YES | ||||
| DB Server | 8.1.301.03 | YES | N/A | YES | YES | ||||
| Chat Server | 8.5.107.11 | YES | N/A | YES | YES | ||||
| Social Media Server | 8.5.400.03 | YES | N/A | YES | YES | ||||
| 'Classification'Server | 8.5.300.01 | YES | N/A | YES | YES | ||||
| Email Server'''' | 8.5.104.06 | YES | N/A | YES | YES | ||||
| Server to: | |||||||||
| Inx Proxy | 8.5.110.01 | YES | YES | YES | YES | ||||
| ORS | 8.1.400.58 | YES | N/A | YES | YES | ||||
| ICON | 8.1.514.03 | YES | N/A | YES | YES | ||||
| URS | 8.1.400.22 | YES | N/A | YES | YES | ||||
| OCS | 8.1.508.00 | YES | N/A | YES | YES | ||||
| Stat Server | 8.5.107.03 | YES | N/A | YES | YES | ||||
| Email Server | 8.5.104.06 | YES | N/A | YES | YES | ||||
| Social Media Server | 8.5.400.03 | YES | N/A | YES | YES | ||||
| Chat Server | 8.5.107.11 | YES | N/A | YES | YES | ||||
| Chat Server | ' | 8.5.109.05 | ' | YES | YES | YES | YES | <a class="external-link" href="https://jira.genesys.com/browse/ESR-12852" rel="nofollow">ESR-12852</a> | Chat Server was verified on: Linux 64 and Windows 2012 |
| CS | 8.5.100.22 | YES | N/A | YES | YES | ||||
| MS | 8.5.100.13 | YES | YES | YES | YES | ||||
| Inx Server | 8.5.110.01 | YES | N/A | YES | YES | ||||
| UCS | 8.5.200.19 | YES | N/A | YES | YES | ||||
| Cassandra | 2.28 | YES | N/A | N/A | YES | ||||
| Digital Messaging Server with WeChat driver | ' | 9.000.03 | YES | YES | YES | YES | YES'''' | MSGA-116<a class="external-link" href="https://jira.genesys.com/browse/ESR-12971" rel="nofollow">ESR-12971</a> | Digital Messaging Server supports only one port "default" with Listening Mode = secured |
| Client to: | |||||||||
| CS | 8.5.100.22 | YES | N/A | YES | YES | ||||
| SCS | 8.5.100.17 | YES | N/A | YES | YES | ||||
| MS | 8.5.100.13 | YES | YES | YES | YES | ||||
| UCS | 8.5.200.19 | YES | N/A | YES | YES | ||||
| Inx Server | 8.5.110.01 | YES | N/A | YES | YES | ||||
| Chat Server | 8.5.109.05 | YES | N/A | YES | YES | ||||
| Server to: | |||||||||
| Inx Server | 8.5.110.01 | YES | N/A | YES | YES | ||||
| <a class="external-link" title="Interaction Server Proxy " href="https://jira.genesys.com/browse/ESR/component/17134" rel="nofollow">Inx Proxy</a> | ' | 8.5.110.01 | YES | YES | YES | YES | YES'''' | <a class="external-link" href="https://jira.genesys.com/browse/ESR-13033" rel="nofollow">ESR-13033</a> | |
| CS | 8.5.100.22 | YES | YES | YES | YES | ||||
| MS | 8.5.100.13 | YES | YES | YES | YES | ||||
| Inx Server | 8.5.110.01 | YES | YES | YES | YES | ||||
| GWS'''''''''' | ''''''' | 8.5.201.85 | NO | NO | YES | YES | NO'''' | <a class="external-link" href="https://jira.genesys.com/browse/HTCC-27276" rel="nofollow">'HTCC-27276</a>' | Simple TLS ONLY'Mutual TLS is not supported'CS Auto-detect port is not supported, must use ‘secured’'FIPS compliant'Connection to MS is not supported'‘Client-side’ option is NOT supported'TLS 1.2 supported on all connections:'add “-Djdk.tls.client.protocols=TLSv1.2” into command line or into JAVA_OPTIONS of “/etc/default/gws” for CentOS6 or “/usr/lib/systemd/system/gws.service“ for CentOS7'GWS CA Trusted certificate must be configured in application.yaml file only: (GWS do not read configuration from CME)'serverSettings:'caCertificate: /usr/local/genesys/cacert/ca_cert.pem'''''''onPremiseSettings:' cmeHost: fmk' cmePort: 2021' tlsEnabled: true |
| CS | 8.5.101.08 | NO | ' | YES | YES | ||||
| Inx Server | 8.5.107.11 | NO | ' | YES | YES | ||||
| UCS | 8.5.200.10 | NO | ' | YES | YES | ||||
| ChatS | 8.5.109.06 | NO | ' | YES | YES | ||||
| SIP | 8.1.102.58 | NO | ' | YES | YES | ||||
| <a class="external-link" href="https://jira.genesys.com/browse/GMS" rel="nofollow">GMS</a> | 8.5.107.19'''' | Not Tested | YES | Not Tested | Not Tested'''' | Not Tested | 'GMS-4886<a class="external-link" href="https://jira.genesys.com/browse/GMS-4922" rel="nofollow">GMS-4922</a>GMS-3089'GMS-3807'GMS-3136'GMS-3137'GMS-3135'GMS-3128 | Tested by I. Plachitskyi team.<a class="external-link" href="https://o3p.jamacloud.com/perspective.req?docId=2301403&projectId=20287" rel="nofollow">MOB-REQ-884</a>(Review/None)'TLS is supported between Cassandra nodes and on JMX port of Cassandra just due to build in support of Cassandra, butnotverified to be 1.2 (though likely with proper JRE version).TLS is not supported from GMS to Cassandra. (FR:0001971728)<a class="external-link" href="https://o3p.jamacloud.com/perspective.req?docId=2353646&projectId=20287" rel="nofollow">MOB-REQ-1060</a>' | |
| CS | 8.5.100.22 | Not Tested | N/A | Not Tested | |||||
| MS | 8.5.100.13 | YES | |||||||
| Statistics Server | 8.5.102.22 | N/A | |||||||
| Cassandra | 2.28 | N/A | TLS for GMS+Cassandra is NOT SUPPORTED | ||||||
| Chat Server | 8.5.105.05 | N/A | Chat v2: TLS between GSG/GMS and Chat Server in trust server mode (do not check the certificate). Chat v1: for TLS management, add the following option in chat section: chat_ssl_trust_all=true | ||||||
| UCS | 8.5.200.10 | N/A | TLS between GSG/GMS and Universal Contact Server in trust server mode (do not check the certificate).'''' | ||||||
| Email Server'''' | 8.5.104.06 | N/A | You can set up an HTTPS connection (even in the GMS Connection tab). Note: GMS uses HTTPClientFactory, and a TLS option can be set (section gms, option http.ssl_trust_all, value=false, true). | ||||||
| ORS | 8.1.400.53 | N/A | You can set up an HTTPS connection (even in the GMS Connection tab). Note: GMS uses HTTPClientFactory, and a TLS option can be set (section gms, option http.ssl_trust_all, value=false, true). | ||||||
| Web API Server | N/A | You can set up an HTTPS connection. Not configured at startup (that is, not in the GMS Connection tab). Note: GMS uses HTTPClientFactory, and a TLS option can be set (section gms, option http.ssl_trust_all, value=false, true). | |||||||
| SCS | 8.5.100.17 | N/A | ' | ||||||
| URS | 8.1.400.22 | N/A | You can set up an HTTPS connection. Not configured at startup (that is, not in the GMS Connection tab). Note: GMS uses HTTPClientFactory, and a TLS option can be set (section gms, option http.ssl_trust_all, value=false, true). | ||||||
| CO-BROWSE | 8.5.000 | ' | Not tested | Not tested | YES | YES'''' | <a class="external-link" href="https://jira.genesys.com/browse/CB-4239" rel="nofollow">CB-4239</a> | 'Tested by A.Dudkin QA team'Working with Chat Server is deprecated since 8.5.100 because it is now covered by Genesys Widgest&GMS. Therefore, there is no need to test TLS with Chat Server now. | |
| Config Server | 8.5.100.22 | ' | N/A | Not tested | YES | ||||
| MS | 8.5.100.13 | ' | implemented in 8.5.101 pending verification | Not tested | YES | ||||
| External Cassandra | 8.5.100 | ' | N/A | Not tested | YES | ||||
| Workforce Management | ' | ' | NO | Not tested | YES | ' | WFM-27379 | ||
| ' | WFM Server | 8.5.207.09 | ' | NO | Not tested | YES | YES'''' | ||
| ' | WFM Builder | 8.5.207.05 | ' | NO | Not tested | YES | YES | ||
| ' | WFM Demon | 8.5.207.01 | ' | NO | Not tested | YES | YES | ||
| ' | WFM Web | 8.1.301.02 | ' | NO | Not tested | YES | YES | ||
| ' | WFM Aggregator'''' | 8.5.203.00 | ' | NO | Not tested | YES | YES | ||
| ' | WFM DBServer | 8.1.301.02 | ' | NO | Not tested | YES | ' | ||
| Pending Projects: | Pending Projects: | ' | ' | ' | ' | ' | ' | ||
| <a class="external-link" href="https://jira.genesys.com/browse/GIR" rel="nofollow">Genesys Interaction Recording</a> | <a class="external-link" href="https://jira.genesys.com/browse/GIR" rel="nofollow">Genesys Interaction Recording</a> | ' | ' | ' | ' | ' | ' | <a class="external-link" href="https://jira.genesys.com/browse/GIR-11993" rel="nofollow">GIR-11993</a> | In progress |
| GVP RM | 8.5.175.95 | N/A | YES | ||||||
| SIP Server | 8.1.102.58 | YES | NO | Not tested | YES | YES | |||
| MCP | 8.5.176.05 | YES | NO | Not tested | YES | YES | |||
| CTIC | 9.0.010.07 | YES | N/A | YES | YES | YES | |||
| Reporting Server | 8.5.181.77 | NO | NO | Not tested | Not tested | NO | |||
| RM Internode | N/A | NO | NO | NO | NO | NO | |||
| Config Server | 8.5.100.22 | Not tested | NO | Not tested | YES | YES | |||
| LCA | N/A | N/A | N/A | N/A | N/A | N/A | |||
| Message Server | 8.5.100.13 | Not tested | NO | Not tested | Not tested | NO | |||
| GVP SSG | N/A | Not tested | GVP SSG is not in active development at this time, and, customers are encouraged to use other approaches to address their Outbound needs. Should the need for a TLS 1.2 compliant version of SSG arise from a particular customer, then, this will be scheduled to a future iteration (customers would continue to use their existing approach until a new version is available). | ||||||
| SIP Server | N/A | Not tested | Not tested | Not tested | Not tested | Not tested | |||
| HTTPS (Client) | N/A | Not tested | Not tested | Not tested | Not tested | Not tested | |||
| Config Server | N/A | Not tested | Not tested | Not tested | Not tested | Not tested | |||
| Message Server | N/A | Not tested | Not tested | Not tested | Not tested | Not tested | |||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| GVP MCP | 8.5.176.05 | N/A | |||||||
| RM | 8.5.175.95 | YES | N/A | YES | YES | ||||
| Reporting Server | 8.5.181.77 | NO | YES | Not tested | NO | ||||
| Config Server | 8.5.100.22 | YES | YES | YES | YES | ||||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| Message Server | 8.5.100.13 | Not tested | NO | Not tested | NO | ||||
| HTTPS (Client) | 8.5.176.05 | YES | N/A | YES | YES | ||||
| ASR/TTS (MRCP v2 Nuance) | 8.5.176.05 | YES | N/A | YES | YES | ||||
| ASR/TTS(MRCP v1 Nuance/MRCPP) | N/A | N/A | N/A | N/A | N/A | ||||
| GVP MRCP Proxy | 8.5.184.42 | N/A | |||||||
| Reporting Server | 8.5.181.77 | YES | YES | Not tested | NO | ||||
| Config Server | 8.5.100.22 | YES | YES | YES | YES | ||||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| Message Server | 8.5.100.13 | Not tested | NO | Not tested | NO | ||||
| MRCP ASR/TTS | N/A | NO | NO | NO | NO | TLS1.2 support is not applicable for MRCP Proxy using the MRCPv1 protocol. TLS1.2 support is planned for MRCP Proxy using the MRCPv2 protocol (target end-2018). | |||
| MRCP Client | N/A | NO | NO | NO | NO | ||||
| GVP CCP | N/A | NO | NO | NO | NO | GVP CCP is not in active development at this time, and, customers are encouraged to use other approaches to resolve their call-control and other routing needs. Should the need for a TLS 1.2 compliant version of CCP arise from a particular customer, then, this will be scheduled to a future iteration (customers would continue to use their existing approach until a new version is available). | |||
| RM | N/A | NO | NO | NO | NO | ||||
| Config Server | N/A | NO | NO | NO | NO | ||||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| Message Server | N/A | NO | NO | NO | NO | ||||
| HTTPS(client) | N/A | NO | NO | NO | NO | ||||
| GVP UCMConnector (T-Server-CUCM to Media Server Connector) | 8.5.184.06 | YES | |||||||
| RM | 8.5.175.95 | N/A | Not tested | YES | |||||
| T-Server | N/A | NO | NO | NO | NO | T-Server does not support TLS Connectivity | |||
| Config Server | 8.5.100.22 | Not tested | NO | YES | YES | ||||
| Message Server | 8.5.100.13 | Not tested | Not tested | Not tested | Not tested | ||||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| GVP Policy Server | NO | NO | Not Tested | Not Tested | YES | Not Tested | Cannot be delivered for Policy Server due to no support for TLS 1.2 in Genesys Administrator.Equivalent GVP Policy Server functionality will be implemented in the future for Genesys Administrator Extension.There is no work-around. | ||
| Config Server | NO | NO | Not Tested | Not Tested | YES | Not Tested | |||
| HTTPS | NO | NO | N/A | Not Tested | YES | Not Tested | |||
| GA (GA UI) | NO | NO | N/A | Not Tested | YES | Not Tested | |||
| Message Server | NO | NO | Not Tested | Not Tested | YES | Not Tested | |||
| LCA | N/A | N/A | N/A | N/A | N/A | ||||
| GVP CTIConnector | IVR Server | 9.0.010.07 | YES | N/A | YES | YES | YES | ||
| Cisco ICM | NO | NO | NO | NO | NO | ||||
| Config Server | 9.0.010.07 | YES | N/A | YES | YES | YES | |||
| Resource Manager | 9.0.010.07 | YES | N/A | YES | YES | YES | |||
| Message Server | 9.0.010.07 | YES | YES | YES | YES | YES | |||
| GVP Reporting Server | Config Server | 8.5.181.77 | YES | YES | NO | Not Tested | Not Tested | ||
| Database | Not Tested | Not Tested | Not Tested | NO | Not Tested | Not Tested | |||
| HTTPS | 8.5.181.77 | YES | YES | NO | Not Tested | Not Tested | |||
| RC (Active MQ) | 8.5.181.77 | NO | NA | NO | Not Tested | Not Tested | |||
| SIP - Feature Server | SIP Server | Per the requirement document we udnerstand products carrying customer information are priority. Feature server does not carry sensitive information, which we understand as a not an immideate requirement and looking to implement these changes in Q3 2018. | |||||||
| GAX | |||||||||
| MCP | |||||||||
| Cassandra DB | |||||||||
| Phone | |||||||||
This page was last edited on June 20, 2018, at 13:30.
Comments or questions about this documentation? Contact us for support!