Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 28 subscribers
  • Views 1085 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remove TLS 1.1 from Web Admin HTTPS interface

rizzah

Hi Community,

From a vulnerability management scan the result on the XG was port 4444 (web admin interface) was TLS v1.1 enabled. I could not find how to disable this, anyone have an idea?

Regards,

Peter



This thread was automatically locked due to age.
Parents
  • 0

    Are you able to test with openssl command?
    via Linux machine terminal/windows powershell > openssl s_client -connect X.X.X.X:4444 -tls1_1
    if yes, could you share the results with us here ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Vivek Jagad

    CONNECTED(00000003)
    140091414586688:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 124 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
    Protocol : TLSv1.1
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1652186929
    Timeout : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    ---

Reply
  • 0 in reply to Vivek Jagad

    CONNECTED(00000003)
    140091414586688:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 124 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
    Protocol : TLSv1.1
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1652186929
    Timeout : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    ---

Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?