Global SSL/TLS Settings
The Global SSL/TLS settings section allows the administrator to configure Secure Sockets Layer (SSL) and Transport Layer Security (TLS) settings globally from the System > Administration page.
Configure the following settings:
- Customize TLS version — Specify the TLS version that is supported by the web server for special security reasons. The TLS version is used for communication between the client and the web server. To specify the TLS version, select one of the following options from the Customize TLS version scroll menu:
- Ciphersuites — Specify cipher suites by selecting one of the following options from the Ciphersuites drop-down menu:
- Modern compatibility — provides a higher level of security but might not be compatible with older clients. The oldest compatible clients are Firefox 27, Chrome 30, IE 11, on Windows 7, Edge, Opera 17, Safari 9, Android 5.0, and Java 8.
- Intermediate compatibility (recommended) — supports a wide range of clients but is not compatible with legacy clients (mostly WinXP). The oldest compatible clients are Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, and Java 7.
- Old backward compatibility (not recommended) — supports all clients back to Windows XP/IE6. Oldest compatible clients are Windows XP, IE6, Java 6.
- Custom ciphersuites — provides a customizable level of security. Select Custom ciphersuites and input a custom cipher list in the text field.
- Verify Backend SSL Server Certificate for Proxy connections — When this option is enabled, the connection is dropped if the backend SSL/TLS server certificate is not trusted. The verification depth is 10. Alert level log messages are also generated when this option is enabled.
- SSL Port — Enter the SSL port for the appliance. The default is 443. Do not set to any other operating system's reserved ports from 0 to 1023, as these might be in use by system services, and could cause unexpected results. This setting impacts all portals and can be overriden in the portal's configuration.
Was This Article Helpful?
Help us to improve our support portal