FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
mbotur
Staff
Staff
Article Id 194726

Description

This article addresses an issue where website rates (that is Qualys SSL Labs) give lower rates (B) for websites behind FortiWeb.

This may be caused by the Diffie-Helman(DH) configuration in FortiWeb.


Scope

FortiWeb v5.3.6 and higher.


Solution

In version 5.3.6 a new command was introduced which fixes this issue:
 
# config system global
set dh-params 2048
end
 
After this re-configuration, there should be no problem with DH in SSL tests. 

 

Contributors