How do I prepare to disable TLS 1.0 when using The Raiser's Edge on premise?

Some users may choose to disable TLS 1.0 within their local environment. There is no current requirement to disable TLS 1.0 internally, but this article is intended for customers who decide to do so based on internal decisions. Customers who opt to do so should follow the steps below. 

The following steps are required for The Raiser's Edge when disabling TLS 1.0 if the software is locally-installed. These steps are not needed if The Raiser's Edge is hosted by Blackbaud. 

If TLS 1.0 is disabled when running a version of The Raiser's Edge before patch 7, or the steps below have not been followed, an error may be received when logging into The Raiser's Edge: 

Unable to establish database connection. 

[Microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error
Native error:18
[Microsoft][ODBC SQL Server Driver][DBNETLIB]ConnectionOpen
(SECCreateCredentials()).
Native error:1.
For more information see Knowledgebase solution 47023 or BB140810
User-added image
The error above can be avoided by taking the following steps before disabling TLS 1.0. If it is already disabled and the error is received, re-enable TLS 1.0 as necessary until the steps below have been followed. 
  1. Ensure all RE-using workstations and the server support TLS 1.2. Please contact the appropriate software vendor or IT professional for assistance with this process, which is beyond Blackbaud's scope of support.
Note: We provide links to third-party websites in an effort to help you resolve your issue. We are not responsible for the information on third-party websites, and we cannot assist in implementing the updates on these websites.
  1. Install patch 7 or above. How to install The Raiser's Edge patch (includes video demo)
  2. In the Blackbaud Management Console, edit the description of the RE database or detach and reattach the database. This pushes a registry update out to the workstations. How to change a database description
  3. Disable TLS 1.0 as desired.
NOTE: Blackbaud Support cannot advise whether TLS 1.0 should be disabled, nor can we assist with installing ODBC drivers, Microsoft updates, or disabling TLS 1.0.

Steps to Duplicate

  1. On the Raiser's Edge SQL server open the registry
  2. Browse to HKEY_LOCAL_MACHINE > SYSTEM > CURRENT CONTROL SET > CONTROL > SecurityProviders > SCHANNEL > PROTOCOLS
  3. Change the DisabledbyDefault value to 1
  4. Attempt to log in to Raiser's Edge
  5. Receive an ODBC SSL security error

Environment

 Raiser's Edge
 7.96
 7.96
 7

Was this article helpful?


Thanks for your feedback! Did this solve your issue?

Comments (optional):


Thanks for your feedback!
We're glad it was helpful but sorry it didn’t solve your issue. If you need assistance, click Chat with Support below.
We’re sorry to hear that. Please tell us why.

 I don't like how this works.

 The answer is confusing.

 The answer didn't match what I was searching for.

Additional Comments (optional):


Thanks for your feedback! If you need assistance, click Chat with Support below.
Thanks for your feedback. Help us make our products even better by sharing details in our Idea Banks or our online Community.
Thanks for letting us know. We'll work on clarifying the information in the article. If you need assistance, click Chat with Support below.
Thanks for letting us know. We'll work on updating the search engine to return more relevant results.