https://community.checkpoint.com/t5/General-Topics/R80-30-with-HTTPs-interception-and-Perfect-Forward-Secrecy-with/m-p/64854#M13251 ECDHE/ECDSA is enabled, but it's not the default.<BR />If you want the system to ONLY propose those cipher suites, you still need to follow the steps in sk104717. Fri, 11 Oct 2019 22:39:01 GMT PhoneBoy 2019-10-11T22:39:01Z https://community.checkpoint.com/t5/General-Topics/R80-30-with-HTTPs-interception-and-Perfect-Forward-Secrecy-with/m-p/64794#M13235 <P>Dear Check Mates,</P><P>&nbsp;</P><P>is it still necessary to manually configure&nbsp;ECDHE/ECDSA cipher suites in R80.30 as mentioned in&nbsp;sk104717 chapter “Perfect Forward Secrecy (PFS)” to enable these cipher suites and PFS?</P><P>&nbsp;</P><P>Thank you in advance.</P> Fri, 11 Oct 2019 07:49:03 GMT https://community.checkpoint.com/t5/General-Topics/R80-30-with-HTTPs-interception-and-Perfect-Forward-Secrecy-with/m-p/64794#M13235 5809265c-0181-3 2019-10-11T07:49:03Z https://community.checkpoint.com/t5/General-Topics/R80-30-with-HTTPs-interception-and-Perfect-Forward-Secrecy-with/m-p/64854#M13251 ECDHE/ECDSA is enabled, but it's not the default.<BR />If you want the system to ONLY propose those cipher suites, you still need to follow the steps in sk104717. Fri, 11 Oct 2019 22:39:01 GMT https://community.checkpoint.com/t5/General-Topics/R80-30-with-HTTPs-interception-and-Perfect-Forward-Secrecy-with/m-p/64854#M13251 PhoneBoy 2019-10-11T22:39:01Z