This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Up2Date 9.506 Released

9.506 is released.

Maybe we could use this thread for reporting successful updated system and maybe not so many bugs. Who wants to be first to update? :-)



This thread was automatically locked due to age.
Parents Reply
  • After you do: cc set reverse_proxy min_tls 1

    Check the result with: grep SSLProtocol /var/chroot-reverseproxy/usr/apache/conf/reverseproxy.conf

    Now is WAF still "broken" for that one situation?

    Note that this probably is not supported and that you should upgrade your software to eliminate its dependence on TLSv1.  After upgrading, use the trick above to set the value back to 1.1.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Bob,

    You are my HERO today!

    My clients are connecting again.

    Now maybe after a couple of hours outage, I can get them to get their software upgraded...

    The main issue is I told them they had until April 2018 to fix this as that is the PCI compliance deadline for TLS 1.

    I didn't comprehend this line in the change log:

    Fix [NUTM-8806]: [WAF] Issue with TLS settings for virtual webserver

    Meant removal of TLS 1...

     

    Thanks,

    Ron

  • My bad.

    TLS 1 is still there you just need to know what screen to access.

    Advanced vs Virtual Webserver/Edit Screen.

     

    Thanks,

    Ron