Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LostBoY
Advisor
Jump to solution

Disable TLS1.0 Chekcpoint R80.40

Hello,

I am looking to block TLS1.0 in my Checkpoint Gateway R80.40.. i followed the following article

 

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

my query is that under point 6 it says:

6. Disable the use of SSLv3 and TLS1.0 for Gaia Portal. To do this make the changes below in the same file:

from:

SSLProtocol -ALL {ifcmp = $httpd:ssl3_enabled 1}+{else}-{endif}SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2

To:

SSLProtocol -ALL {ifcmp = $httpd:ssl3_enabled 1}+{else}-{endif}SSLv3 +TLSv1.1 +TLSv1.2

 

but here SSLv3 is mentioned in the bottom line.. can someone please explain this.. Thanks..

 

Also, if i follow the following KB and make the changes via Smartconsole.. is it one and the same thing or do i need to do the changes in SmartConsole as well as Gateways.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

Thanks

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

You need to do both.
You’ll notice that a plus or minus is basically enclosed in an if statement.
Unless you’ve enabled SSLv3 using ssl3_enabled in the configuration, it will result in a minus which means no SSLv3.

View solution in original post

1 Reply
PhoneBoy
Admin
Admin

You need to do both.
You’ll notice that a plus or minus is basically enclosed in an if statement.
Unless you’ve enabled SSLv3 using ssl3_enabled in the configuration, it will result in a minus which means no SSLv3.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events