Version 2.2.50.1 and below: Could not create SSL/TLS secure channel (Konica Minolta Integrated)

  1. Home
  2. Knowledge Base
  3. Technical Resources
  4. Troubleshooting
  5. Could not create SSL TLS secure channel
  6. Version 2.2.50.1 and below: Could not create SSL/TLS secure channel (Konica Minolta Integrated)

Version 2.2.50.1 and below: Could not create SSL/TLS secure channel (Konica Minolta Integrated)

In versions of Print Director 2.2.50.1 and below, the default SSL/TLS versions used for communication between Resource Manager and the device was SSL3 or TLS1.0. Microsoft operating systems had an update which deprecated certain versions of SSL/TLS. This caused complete or intermittent failure of the initialisation process.

Symptoms

Any of the following:

  • After clicking Gather Info, an error is displayed stating Could not create SSL/TLS secure channel.
  • Gather Info succeeds, but during Initialise at the Enabling Relay Server step the error is shown in the output window: Could not create SSL/TLS secure channel.

Solution

Konica Minolta has released special firmware for all models that resolves this problem. It is recommended that this firmware is installed as the primary solution.

In the cases where the special firmware is not available, there is a registry change that can be made on the machine where Resource Manager is running. Note that a reboot will be required after making the change:

  1. Click Start, type Run, press enter, type exe.

  1. Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL0010002

  1. Double click the string value Functions.

  2. Copy the contents of the Value data window and paste it into Notepad.

  1. Search for each of the following keys one by one, cut them and paste them at the end of the list of keys

          TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
          TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
          TLS_DHE_DSS_WITH_AES_128_CBC_SHA
          TLS_DHE_RSA_WITH_AES_128_CBC_SHA
          TLS_DHE_DSS_WITH_AES_256_CBC_SHA
          TLS_DHE_RSA_WITH_AES_256_CBC_SHA

  1. Now the keys above should appear and the end of the original list of keys. Now copy the whole list from Notepad and paste them over the text that appears in the Value data regedit window (note the last line must be empty).

  2. Click OK.

  3. A reboot of the machine is required for the changes to come into effect.

  4. After reboot, re-attempt Initialisation.

Document revision date: 2019/01/24
Software version: 2.2.50.1

 

Article Attachments

Related Articles