Citrix ShareFile is deprecating TLS 1.0 and 1.1 soon. Upgrade your ShareFile Tools.
If you are a ShareFile administrator for your company or even just a user of the service, you may have received an email or popup when visiting your ShareFile Site asking you to upgrade your tools before October 31, 2019.
You might be thinking to yourself, what tools? My servers are in my datacenter. Is this even legit?
It is. Whether you are running an On-Premise or Cloud based solution, the ShareFile control plane is always hosted and managed in the Citrix Cloud. And as of October 31st (Happy Halloween!), they are no longer accepting connections over the insecure versions of TLS. 1.0 and 1.1 specifically. Improperly configured TLS 1.0 for instance is vulnerable to some pretty well documented attacks such as POODLE, CRIME and DROWN.
Let’s break down how this would affect you and your users:
If you are running a StorageZone Controller, you need to upgrade to at least version 5.3.1. This is because your Controller needs to talk to the control plane and earlier versions used TLS 1.0 and 1.1. Without upgrading, that communication will be blocked on the 31st.
For your users, you need to make sure any applications they use to access ShareFile are up to date as well including Mobile Apps and desktop applications such as the Desktop App, ShareFile Drive Mapper, ShareFile Sync and any of the Outlook plugins.
For a detailed list of minimum versions necessary, you can refer to the following KB article CTX236104 for guidance.
So you have 2 months now to get all of your software up to date if you have been neglecting it. Version 5.3.1 for instance has been out for over a year now.
Happy upgrading!