Some PrinterOn Embedded Agents for Samsung/Ricoh are no longer communicating with the PrinterOn Server - c06328812
For security reasons, PrinterOn began disabling TLSv1.0 and proactively implementing TLSv1.1 and TLSv1.2 instead. However, because some embedded agents may still be using earlier protocols, an issue arises that prevents these agents from communicating with the PrinterOn Server.
This issue impacts two components: Apache Tomcat and PDH.
To ensure that the embedded agents can communicate with the server, you’ll need to:
- Edit the Apache Tomcat system.xml file to enable SSLv3 and SSLv2Hello, a protocol that is used to initiate an SSL transaction and specifies the method used to determine what encrypted form should be used.
- Contact PrinterOn support at support@printeron.com to have the PDH configuration file modified so that PDH permits the use of TLSv1.
The file to provide to support is called Listener.properties and is located here: C:\ProgramData\PrinterOn Corporation\PONData\PDH\server
To edit the Apache Tomcat files:
- Stop the Central Print Services Windows service
- In a text editor, open the following file: C:\Program Files (x86)\PrinterOn Corporation\Apache Tomcat\conf\server.xml
- Locate the following entry: <Connector port=”443” protocol=org.apache.coyote.http11.Http11NioProtocol” SSLEnabled=”true” maxThreads=”150” scheme=”https” secure=”true” clientAuth=”false” SSLEnabledProtocols=”TLSv1.2,TLSv1.1”
- Modify the SSLEnabledProtocols value as follows: SSLEnabledProtocols= "TLSv1.2,TLSv1.1,TLSv1,SSLv3,SSLv2Hello"
- Save the file.
- Start the Central Print Services Windows service.
NOTE:
Applies to PrinterOn Enterprise 3.x and later.