Two days ago, Linden Lab disabled the ability to connect to Second Life using obsolete SSL, TLS 1.0, and 1.1 protocols. If you’re using a modern operating system and an up to date version of Radegast, this will not affect you in the least. However, for those of you on Windows 7, which has reached its end-of-life, you will be unable to connect. You’ve already been unable to connect to https://radegast.life with Internet Explorer for some time as I disabled these protocols years ago.
So what are we going to do about this? Well, I’m going to give you some hints on adding support and getting connected again. First, you must be running at least Windows 7 with Service Pack 1. Note that Windows 8.1 and later already support TLS 1.2 and will not need to follow these steps. If you are running WindowsME, Windows 8.1, Windows 10, Windows 11, Linux, MacOS, ReactOS, OS/2 Warp, TOPS-20, Android, Plan9, etc, etc, etc and cannot connect, you have a different issue and do not need to follow these steps. These steps are for users running Windows 7 with Service Pack 1 or Windows Server 2008 with a recent version of Radegast.
The first and best thing you can do is updating your system using Windows Update with all recommended updates and downloading the latest version if Radegast (which is presently 2.35). If you can’t run Windows Update, you can download and install the relevant update from this link at Microsoft Catalog. Can’t install the update? You are SOL.
Got it? Good. Don’t got it? I can’t help you. Contact Microsoft, but they will say sorry we don’t support end-of-life products either. By the way, if you can’t download these updates or can’t install .NET 4.7.2, you may need a Trusted Root Certificate Update.
Next, and you may not have to do this if you want to do it by hand, download the Microsoft “Easy Fix” to add relevant registry entries to WinHTTP and Internet Explorer.
Configure for Strong Cryptography
This step requires you to get down and dirty with the registry. If you aren’t comfortable with this, bail out now. Showing you how to use regedit.exe is beyond the scope of this article, so get your Google going if you don’t know how. The following entry must be added or altered in the registry:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto" = dword:00000001
and if you’re silly and run 32-bit on a 64-bit Windows, you’ll need:
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319] "SchUseStrongCrypto" = dword:00000001
It’s going to end up looking something like this:
Reboot your system
If this all does not work for you, by all means keep fiddling with it and be sure to leave a comment on what you did to make it work to help others. I will happily update this guide with any additional information.
Request for Donations
All this talk of security and cryptographic protocols has reminded me that our code signing certificate expires at the end of the month! This code signing certificate validates integrity and authenticity of Radegast’s installer packages as well as the integrity and authenticity of several opensource projects including LibreMetaverse, XmlRpcCore, OpenJpegDotNet, and UniversalSpeech. A signed installer simplifies the install process, no need to bypass Windows SmartScreen, and it protects you from fraud!
Code signing certificates can be very expensive, upwards of $250 USD, and the Radegast project is always thankful for help with expenses such as code signing certificates and hosting. Believe it or not, I lose a lot of money every year providing this software with no monetary benefit to myself! If you would like to donate, you know where to find the donation page. Thank you!