I cannot find the reference right now, but I thought I had read somewhere that FGT 5.0 SSL web inspection/proxy cannot negotiate for TLS v1.2. It only negotiates with destination HTTPS servers for SSL v3, TLS v1.0 and TLS v1.1 sessions. Which means some of us will be S.O.L. [strike]come January[/strike] when Google will require TLS v1.2.
http://googleonlinesecurity.blogspot.com/2015/09/disabling-sslv3-and-rc4.html
I'm pretty certain it's true. It's why I get a connection error when I go to Google test site: https://cert-test.sandbox.google.com/
[strike]yeah. yeah. I know I need to upgrade beyond 5.0, but I'm not sure that can happen before January. But I'd like to make a strong case for upgrading, so[/strike] I'd like to find the document that tells me what SSL and TLS versions are support by FGT 5.0. Does anyone know where a document like that is?
[Update: removed January references. The Google article only references "medium term" plans. I'd still like to know where FGT 5.0 SSL support is documented by Fortinet. I spent 30 minutes Google'ing for it with no joy.]
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1548 | |
1032 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.