Hi,
I am trying improve the security of the SSL offload that is running our website. Our web host is trying struggling to find the correct settings and so I thought I would ask here. The firewall is an 80C running Fortios 5.2.5 SSLLabs has reported the following problems which I I would like to address:
Secure ClientInitiated Renegotiation Supported DoS DANGER
Downgrade attack prevention No, TLS_FALLBACK_SCSV not supported
Forward Secrecy With some browsers
TLS 1.2 not enabled
I have looked through the ‘CLI Reference for FortiOS 5.2’ and found the ‘ssl-server’ secrtion on page 842 but this doesn’t cover everything, is there anywhere else that I should be looking?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.