Allow Connections over Deprecated TLS
Define how Kiosk Pro will handle websites using deprecated versions of Transport Layer Security (TLS), the cryptographic protocol used for HTTPS:// security certificates.
- Show Prompt
Other Possible Values:
When using Show Prompt, if a page is served using security certificates with older, deprecated versions of TLS or SSL, a prompt is shown to the visitor, alerting them to the error and allowing them to continue to view the page or cancel to prevent loading.
Once the permission to access a site over deprecated TLS is granted, that permission is retained for the rest of the visitor's session and will reset when the idle time out triggers.
This option allows pages served using security certificates with older versions of TLS or SSL to load without displaying an alert. As this prevents the exception from being shown to the visitor, it should only be used in restricted environments where all possible exceptions have been reviewed. This mode should never be used for kiosks that allow unrestricted browsing as that could potentially compromise sensitive information entered by visitors.
Never is the most secure approach and prevents any page using deprecated versions of TLS or SSL from being displayed. If a visitor tries to view a page with certificate errors, they will see the Blocked Request Alert and the page will not be displayed.
Apple officially deprecated TLS 1.0 and 1.1 in March 2020. TLS deprecation and authentication is performed by the underlying WebView browser engine so Kiosk Pro is unable to modify the specific versions of TLS/SSL protocols that trigger an exception.
Values for Remote Settings Control & Managed App Configuration
- Added in version 10.1