Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Martin_Raska
Advisor

Disable TLS 1.0/1.1 for https inspection

Hello,

we are dealing with the issue of how to disable the entire TLS 1.0/1.1 for outbound HTTPS inspection. I know sk126613, but we dont want to disable ciphers but used protocol. Only TLS 1.2 from GW should be allowed. The configuration should be done one GW not clients, that's a different part.

 

Some ciphers are used both in TLS 1.0/1.1/1.2 eg.

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

so disabling only ciphers is not what we are looking for.

 

0 Kudos
3 Replies
Chris_Atkinson
Employee
Employee

Recommend discussing this further with TAC, as I recall this needs a change to ssl_min_ver parameter via GuiDBedit.

0 Kudos
G_W_Albrecht
Legend
Legend

Martin_Raska
Advisor

thx, for some reason I miss this one in search box - Disable-TLS-1-0

0 Kudos