07-21-2017 10:59 AM - edited 03-01-2019 05:17 AM
Hello, does anyone know if any version on the cisco ACE 5(3.x) support tls 1.2 for PROBES? I know that version 5 (3.1b) does not support 1.2 for probes but i dont see any documentation confirming or denying 1.2 support on the later versions for probes.
07-26-2017 07:19 AM
Hello Eric,
As seen below in the documentation :
http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA5_3_x/release/note/ACE_mod_rn_A53x.html#pgfId-936970
"In ACE (A53.1b) release, configuring the command “ssl certificate-expiration ignore” under HTTPS probe will cause the HTTPS probes to fail. To make probes work, you have to remove this command by using “no ssl certificate-expiration ignore” under HTTPS probe and use valid certificates."
Let me know if this helps..
Regards,
Mike G.
07-26-2017 08:43 AM
Thanks I appreciate the response, we ran into that issue in the past but i believe that is unrelated to the probes sending only TLS 1.0.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: