How to switch to TLS 1.2 from SSLv3 for client-server communication in inSync?
inSync Client v5.5 now supports TLS version 1.2 for enhanced data privacy and data integrity. This provides you with enhanced security for your data by preventing eavesdropping, tampering, or forgery. However, to switch to TLS below mentioned points are mandatory.
- All inSync clients and inSync server need to be on version 5.5.
- inSync server should use single port architecture.
- Previous inSync server versions (till 5.4.1) were using TCP port 6061 for backup/sync/client activation and TCP port 443 for inSync web access(Default ports).
- If you wish to switch from SSLv3 to TLS, then inSync server must use single port for all activities which is a supported feature in inSync server v5.5.
After the above mentioned points are achieved, inSync will automatically start using TLS for client-server communication.
Note: Migration to single port should be strictly done under Druva support supervision as there are many factors which need to be checked before performing this migration.
Scenario 1- I have few Windows XP clients in my environment which backups on port 6061.
- TLS is supported only by inSync client v5.5 and above.
- You may use TCP port 6061, but it should be the single port used by your server. Every communication of your inSync server i.e. backup/sync/restore/web access should be on TCP port 6061.
Note: inSync client v5.5 is not supported on Windows XP, check the following link.
Scenario 2- My inSync 5.5 setup is upgraded from 5.4.1 so all devices run on port 6061. May I know if the transition from port 6061 to 443 is transparent to user?
- The transition will be transparent to users. However it involves multiple steps and may take few days/weeks to complete.
For more information on this feature, contact Druva support.