This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Martin_Raska
Advisor
‎2022-04-26 12:59 AM

Disable TLS 1.0/1.1 for https inspection

Hello,

we are dealing with the issue of how to disable the entire TLS 1.0/1.1 for outbound HTTPS inspection. I know sk126613, but we dont want to disable ciphers but used protocol. Only TLS 1.2 from GW should be allowed. The configuration should be done one GW not clients, that's a different part.

 

Some ciphers are used both in TLS 1.0/1.1/1.2 eg.

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

so disabling only ciphers is not what we are looking for.

 

0 Kudos
3 Replies
Chris_Atkinson
Employee
Employee
‎2022-04-26 02:16 AM

Recommend discussing this further with TAC, as I recall this needs a change to ssl_min_ver parameter via GuiDBedit.

0 Kudos
G_W_Albrecht
Legend
Legend
‎2022-04-26 03:31 AM

https://community.checkpoint.com/t5/General-Topics/Disable-TLS-1-0/m-p/70338/page/2

CCSE CCTE SMB Specialist
Martin_Raska
Advisor
‎2022-04-26 03:46 AM
In response to G_W_Albrecht

thx, for some reason I miss this one in search box - Disable-TLS-1-0

0 Kudos