Help
FortiMail
FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats
cysaw
Staff & Editor
Staff & Editor

Created on ‎05-06-2024 10:24 PM Edited on ‎08-15-2024 12:56 PM By Moderator

Article Id 313490

Technical Tip: How to disable TLS v1.0

Description This article describes how to disable TLS v1.0.
Scope

FortiMail.
Solution

The example below is to disable the TLS v1.0 on FortiMail. It will disable the TLS v1.0 for the HTTPS and SMTP access to FortiMail.

 

Run the CLI command below to disable the TLS v1.0:


config system global
    set ssl-versions tls1_1 tls1_2 tls1_3

end

Note:

If there is any sender that can only support TLS v1.0, the sender may encounter issues sending email to FortiMail or will need to send mail using plain text.

  1. TLS Versions 1.0 and 1.1 are officially deprecated protocols that are considered to be insecure. It is therefore highly recommended to disable them.
  2. Before making these changes, make sure the SSL version and ciphers used by clients are supported. Removing some of the older ciphers and SSL versions may affect client versions.
1164
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.