cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
225
Views
0
Helpful
5
Replies

TLS support

Does anyone know what version on TLS is supported by AsyncOS 7.5.x and 8.0.x?

 

Thanks

Dominick

5 REPLIES 5
Collaborator

1.0.   1.2/1.3 are expected

1.0.   1.2/1.3 are expected in 9.x, in the fall, maybe?

 

Highlighted

Ken,

Ken,

Do you know if the support for 1.1/1.2 has been included in a code version as of yet? Also is there a document explaining how the proxy sets what version to utilize in a conversation? I have servers that are going to stop supporting 1.0 and they utilize the WSA for communications.

Thanks

Dominick

Collaborator

Yes.  9.0.1 has been released

Yes.  9.0.1 has been released as "Limited Deployment", you can request it from TAC.  Or if you want to deploy a new VM, you can download it without having to ask TAC for anything...

I've been running on it for about a month.

Explorer

Have you run into any bugs or

Have you run into any bugs or issues in 9.01 in the month that you have been running it?  I am getting tired of doing passthrough for all websites that need TLS 1.2/1.3 support, but at the same time don't want to deploy an LD release that could still have issues. 

Has your experience been positive and would you recommend 9.01?  Also, did you need to do anything to enable TLS 1.2/1.3 support or did it just start working after the upgrade? 

Jim

Collaborator

The one that I've run into is

The one that I've run into is actually an old bug.  Sometimes the WSA can't find/deal with the intermediate cert, so you add upload the intermediate in Network/Certificate Management and you're good.  Sometimes doing that seems to not fix it, but you just have to kick the proxy to get it to pick it up.  

I too was getting tired of passthrough bs...

I'd recommend you try it. 

Just check System Administration/SSL Configuration to make sure it got turned on.  It doesn't do 1.3 yet..