Solving Pesky TLS Issues on Old Hardware

Part of being a Skype and Teams administrator is trying to reconfigure legacy hardware that’s been left in a corner for 5+ years and never updated.

Problem is, the world has moved on since these devices were deployed and depending on what firmware they were running when they were deployed. They likely won’t talk with any modern browser thanks to not supporting things like TLS 1.2. Greig has gone written a similar article before. But unfortunately, a lot of modern browsers no longer offer the options to re-enable old crypto cyphers. So I’d like to offer 2 new solutions to the mix.

I’m showing my age… a BRI ISDN based PBX

Run an old Chrome/Firefox “Portable”.

Note: if you use Chrome as your daily driver, this can corrupt your chrome profile! Use Firefox instead

Additionally, this may not work if the firmware is old enough to be running RC4 Use Firefox or see below for the Live CD method instead.

Running a “Portable” copy of Chrome/Firefox is pretty easy, download an old copy of Chrome from FilePuma or Griegs recommended build of Firefox
Once the file is downloaded, extract the exe using 7zip.

inside, you will find another 7zip, extract that.

Navigate into the newly created folder > chrome-bin and double click chrome.exe

Run an XP/Win7/Old Linux Live CD

If you have a really old SBC or maybe corporate policy that stops you from running an old browser but have access to a Live CD with Internet Explorer or another old browser on it like “Hirens Boot CD”, the “Ultimate Boot CD” or an old Linux Distro. just load these up in Hyper-V!

In Hyper-V Manager, click New > Virtual Machine

Run through the usual VM setup, Generation 1 pointing the CD drive to your LiveCD image. Don’t bother assigning a harddrive, make sure you have secure boot off.

Right click on the new virtual machine and select Settings

By default the VM should have the BIOS set to Boot from CD with Security get to Disabled
Click on the CD drive, attach your Live CD and click OK

Double click the VM and click Start

Boot your live CD

Tada!

Note: Depending on your LiveCD, you may need to add a Legacy network adapter in the Hyper-V guest to get the OS to see the network card.

Hope this helps someone.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.