This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Disable SSL for RED

I have been able to disable SSLv3 and TLSv1.0 support for Webadmin using this guide: https://www.sophos.com/en-us/support/knowledgebase/121509.aspx, but I don't see in the document where these changes can be made for the RED service.

I made the suggested changes to httpd.conf and confirmed that Webadmin is failing to negotiate any connections using less than TLSv1.2, but when I connect to port 3400 (the RED listening port), it still allows SSLv3 and TLSv1.0.

Where can I edit the RED config to disable the older protocols?

This thread was automatically locked due to age.

Parents

0 Scott_Klassen over 9 years ago

Where can I edit the RED config to disable the older protocols?
You can't as with RED much of this is hardwired into the firmware. 9.313 has an SSL firmware update for REDs which probably fixes this, so update your UTM to 9.313 during downtime, as your REDs will need to reboot afterwards to apply the new firmware.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Scott_Klassen over 9 years ago

Where can I edit the RED config to disable the older protocols?
You can't as with RED much of this is hardwired into the firmware. 9.313 has an SSL firmware update for REDs which probably fixes this, so update your UTM to 9.313 during downtime, as your REDs will need to reboot afterwards to apply the new firmware.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data