Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
xinger
New Contributor III

TLS v1.2 not provided in FGT 5.0?

I cannot find the reference right now, but I thought I had read somewhere that FGT 5.0 SSL web inspection/proxy cannot negotiate for TLS v1.2.  It only negotiates with destination HTTPS servers for SSL v3, TLS v1.0 and TLS v1.1 sessions.  Which means some of us will be S.O.L. [strike]come January[/strike] when Google will require TLS v1.2.

http://googleonlinesecurity.blogspot.com/2015/09/disabling-sslv3-and-rc4.html

 

I'm pretty certain it's true.  It's why I get a connection error when I go to Google test site: https://cert-test.sandbox.google.com/

 

[strike]yeah. yeah. I know I need to upgrade beyond 5.0, but I'm not sure that can happen before January.  But I'd like to make a strong case for upgrading, so[/strike] I'd like to find the document that tells me what SSL and TLS versions are support by FGT 5.0.  Does anyone know where a document like that is?

 

[Update: removed January references.  The Google article only references "medium term" plans.  I'd still like to know where FGT 5.0 SSL support is documented by Fortinet.  I spent 30 minutes Google'ing for it with no joy.]

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors