1 Reply Latest reply on Sep 17, 2018 8:01 AM by patrick.byrne.0

    How to connect to Redshift with higher sslversion from Tableau Desktop

    Judy Yang

      Hi Team,

       

       

      My Tableau server and Tableau desktop version is both 2018.2. When I connected to the Redshift via Tableau desktop, the ssl version is TLSv1 which is not secure anymore. We want to enable more secure ssl version, like TLSv1.2, Could you help if you have any idea of it?

       

       

      Best Regards,

      Judy

        • 1. Re: How to connect to Redshift with higher sslversion from Tableau Desktop
          patrick.byrne.0

          Hello Judy,

           

          This can be accomplished using the Security Hardening Checklist steps for Tableau Server. They can be found here: Security Hardening Checklist

           

          In step 3, as quoted below, the older TLS versions can be disabled.

          3. Disable older versions of TLS

          Tableau Server uses TLS to authenticate and encrypt many connections between components and with external clients. External clients, such as browsers, Tableau Desktop, Tableau Mobile connect to Tableau using TLS over HTTPS. Transport layer security (TLS) is an improved version of SSL. In fact, older versions of SSL (SSL v2 and SSL v3) are no longer considered to be adequately secure communication standards. As a result, Tableau Server does not allow external clients to use SSL v2 or SSL v3 protocols to connect. We recommend that you only allow external clients to connect to Tableau Server with TLS v1.2.

          Specifically, we recommend that you disable TLS v1 and TLS v1.1 on Tableau Server. However, before you disable a specific version of TLS, verify that the browsers that your users connect to Tableau Server with support TLS v1.2. In some cases, you may need to preserve support for TLSv1.1.

          The following tsm command enables TLS v1.2 (using the "all" parameter) and disables SSL v2, SSL v3, TLS v1, and TLS v1.1 (by prepending the minus [-] character to a given protocol).

          tsm configuration set -k ssl.protocols -v "all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1"

          tsm pending-changes apply

          The pending-changes apply command displays a prompt to let you know this will restart Tableau Server if the server is running. The prompt displays even if the server is stopped, but in that case there is no restart. You can suppress the prompt using the --ignore-prompt option, but this does not change the restart behavior. For more information, see tsm pending-changes apply.

          Hope this helps!


          Cheers,

          Byrne, Patrick