+18
Closed

Add Support for TLS 1.3 in Mono for Linux Self-Hosted Systems

J Copeland 6 years ago updated by swhite (Product Manager) 1 year ago 30

Please add proper support for TLS 1.3 in Mono so that Chrome/Firefox users don't have to disable TLS 1.3 to make ScreenConnect work.

Related KB: https://docs.connectwise.com/ConnectWise_Control_Documentation/Technical_support_bulletins/Can_no_longer_load_Control_website_after_updating_Chrome

Answer


The community has had success with a workaround for this issue. This may work for your situation. https://tylermade.net/2017/05/04/easy-ssl-for-screenconnect-with-nginx-reverse-proxy/

 

Can't emphasize this enough!  Linux Self-Hosting needs to support the latest browsers and TLS.  This is a known issue - It should not need to take a feature request to have ConnectWise fix a known bug!!  PLEASE FIX IT!

Considering for Future Release
+1

I'm not sure why an issue that's been discovered a year ago has not been fixed yet!    And a security issue no less!   Seriously considering other products due to this not getting fixed promptly.    I opened a ticket regarding this 12/14/2017 and it's still not fixed!

Hear, hear!!!!! get this DONE!!!


+1

A workaround from the community is nice, however I'd like to see some movement from the company to fix this. And I'm really getting worried that y'all are leaning towards dropping support for hosting on Linux. That was one of the reasons many of us, including myself, started using this software. Very little overhead with a headless server. May have to start looking at alternatives.

+1

Wayne I wouldn't bother waiting, there'll be no movement from the company on this.

I suggest setting up NGINX + Let's Encrypt on the same VM you're running ScreenConnect on.

It's actually really straightforward and solves this problem permanently.

Here's the script: https://github.com/stylnchris/sc_ssl_support/

And if you need any help there's a ton of info in this thread: https://control.product.connectwise.com/communities/6/topics/1691-tls-13-seems-to-breaks-screenconnect-when-using-ssl-on-mono

Also, NGINX makes ScreenConnect super responsive and much faster to navigate around the web GUI.

I want to add my vote that this should be fixed and we should not have to rely on a workaround.

I'm appreciative to everyone that has worked on trying and testing these solutions, but I'd like the solution to come from the vendor so it's supported and nothing breaks (like the jnlp and invite issues mentioned in other threads).

Please fix this, ConnectWise!

Looks like it's been announced (updating mono). Is there ANY ETA?

I have over 1,600 clients and the current version of mono maxes the CPU even on very high end servers.

Hi Allen, 

We're planning to release updated mono in our upcoming 19.4 release. If you have a test environment and want a chance to test now, please let us know. Reach out to pm@screenconnect.com. 

Thanks, 

Caitlin 

I also just upgraded to 19.4 ... and TLS 1.3 doesn't seem to be working .. is there a config we need to change?  Yubikeys still not working.

I can wait for a more stable build. Do you know approx when 19.4 will be released? (I won't hold you to it)

+1

We're working through the issues now, should be in preview in a few weeks, and stable a few weeks after that. At this time we don't have firm dates!

I just upgraded to 19.4.  It's still using TLS 1.0. Do I need to do something to change that or is 1.3 still not supported? 

Hi Phil, 


Apologies, our updates to Mono were not in our 19.4 release. They should be available soon!

Best, 

Caitlin 

You've been promising for months that 19.4 will contain the updates to Mono. I just updated to 19.4 and like the others above I find it's still using TLS 1.0. And now you say "should be available soon". When???

This is really frustrating!!!!  Why do you promise something that people are waiting for and then not deliver???

Right... 19.4 and TLS 1.3/updated Mono has been promised for a while.  Yet it's not here.  You would think after the recent press about ransomware with ConnectWise Control/Non-2FA accounts ... that this would be a higher priority.  Not something to put off for around a year...  And Yubico announced the TLS requirements a LONG time ago... plenty of time to get it done.

Considering that Edge is switching to the Chrome codebase within the next few months... once that occurs there's no way for Linux standalone to be accessed as all the browsers will block Linux SC because it only supports TLS 1.0.

This would be ideal in conjunction with Let's Encrypt

So version 19.5.25995.7276 is out. 

Has Mono been updated as per this email from 19th August 2019:


We’re upgrading Mono for increased Linux security and sustainability. The updates will add support for more recent versions of TLS as well as a greater number of 64-bit Linux distros. You will also notice a general improvement in performance when connected to a large number of sessions.


Does this version now support TLS 1.3? 

It doesn't appear so. When will the upgrade to Mono be available? It would be really nice to know what is happening with this issue.

Thank you

18th Jan 2020: SSL works on mono with version 19.6!

from the release notes:

Updated Mono support for Linux on-premises installations

We've updated the Mono architecture that's used for our Linux on-premises installers. This fixes many security issues such as TLS 1.0 limitations, and it helps us keep Mono up-to-date in the future.

We officially support these Linux distributions:

  • Ubuntu 64-bit LTS
  • Debian 64-bit (latest stable release)

Thank you!

Could someone from ConnectWise please give us an official answer on this?

I am currently using HAProxy with CentOS to get TLS v1.3 compatibility.

I am keen to build a new Ubuntu/Debian VM to run without HAProxy, but can't do anything until this is confirmed. Although v19.6 Stable doesn't appear to be available right now anyway...

19.6 does support TLS 1.3, however, it causes service crashing.  I have upgraded to it and have to keep rebooting services every 0.5-3 days.

That's what I'm finding too. I constantly have to restart the screenconnect service daily otherwise I have instances where it's uncontactable. I have resorted to creating a cron job that runs daily.

Have not experienced the services instability but had problems installing Let's Encrypt SSL, have switched to paid basic RapidSSL and it works with TLS 1.3, but although installed using the SSL configurator, there is a problem with the intermediate cert which is not appearing in the chain, even though it is installed. But SSL is working OK for me - using Ubuntu 16.04, just needs the intermediate cert to work properly.

Until they switch from mono to .NET they will continue to have issues. Even with the latest update they STILL don't support deployments > 1,000 clients. We have 2,000 now and growing.

We have started to migrate to Mesh Central, free and works better than SC.

Thanks for the Mesh Central info... just in case Control Wise no longer want us ...???

Since Jeff sold SC I personally have found keeping my on premises a real pain.

SC has said the writing is on the wall for Linux in another thread:

Thoughts for moving forward--

I actually think most of it has been fixed already in a 20.2 build. It's just in a parallel universe to our existing release pipeline, which is why it has lagged.

I personally think it's a shame the Linux/Mono usage has declined to such a degree. I thought it was neat technically we could really master (*ducks*) both platforms in a very unique way-- what other commercial product runs on Mono?

Our code base is in good shape and could be moved to .NET Core without a lot of obvious work. The one thing stopping it is our Extensions; most extensions have ASP.NET components, and we can't easily change and break compatibility without a lot of impact.

Y'all should probably see the writing on the wall if you haven't already. I know that when I'm a consumer of something, I like to feel like my business is valuable to the vendor. And although y'all are very valuable to me personally because I like Linux, I like arguing, I like critique of my creations, etc, I think y'all probably have an opinion about how much you think my superiors care about this particular enjoyment of mine. And we're sitting with just maybe 40-50 of y'all who are looking at a $65/year renewal? To the credit of my superiors, they have very much supported us doing the right thing and getting y'all in a good state, but we've spent a good $50k+ on this Linux/Mono refork, and we won't see nearly the return to cover that, so eventually they'll probably come a-calling for resources to be spent elsewhere. So I'd say the work on the Mono framework to get it compatible with 20.3+ seems unlikely.

Like I said before, ConnectWise wants to do the right thing. So what's the right thing?--

There will be a 20.2 release which addresses what we perceive as the stability/compatibility issues.

You know you can move to host SC on Windows with your existing SC license, right? (including this option for completeness ;))

If you're interested in moving to Cloud, let us know. I think there are existing deals that a bunch of customers have taken advantage of here. I'm sure if you are constructive about it, that could likely be sweetened.

Thread is at the following URL:

https://control.product.connectwise.com/communities/6/topics/2798-portal-not-responding?redirect_to_reply=10802#comment-10758