Project

General

Profile

Todo #5984

Disable TLSv1.0 for web GUI

Added by Chris Buechler almost 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
Normal
Category:
Web Interface
Target version:
Start date:
03/12/2016
Due date:
% Done:

0%

Estimated time:

Description

While there are no known weaknesses in TLSv1.0 as we have it configured, it's increasingly triggering "vulnerability" reports from vulnerability scanners, and disabling it isn't going to cause significant compatibility issues at this point. IE versions prior to 11 are the only significant thing it will break, and those versions of IE have been unsupported since January. Our default TLS config hasn't worked in IE versions earlier than 10 in about a year anyway.

Leaving enabled for captive portal for now, as that's still likely to encounter a variety of old, unsupported browsers that are outside the admin's control.

Associated revisions

Revision 677f0a18 (diff)
Added by Chris Buechler almost 4 years ago

Disable TLSv1.0 for web GUI's nginx instance. Ticket #5984

History

#1 Updated by Chris Buechler almost 4 years ago

  • Status changed from New to Resolved

Also available in: Atom PDF