TLS 1.0 & TLS 1.1 disable for our side if possible in pfsense
-
Hello Experts:- Request you please reply.
need to disable tls 1.0 and tls 1.1 from pfsense , it's for our webserver i mean for our website is there any way .. or any other idea. to achieve this. -
Hi,
Your web server is pfSense ?
What has the pfSense GUI to do with your web server ?
You are not exposing the pfSense GUI on the Internet, right ?No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
You would disable that on the web server which is actually serving the site, not at the firewall.
The only possible exception to that would be if you are doing SSL offloading in a package like HAProxy.
Moved out of the ACME category as either way, that question is not relevant to ACME/Let's Encrypt.
Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
@jimp Thank you so much Sir for the reply,We have done on web server too.but due to some issues we want achieve this via pfsense,can we disable from pfsense. we have offloaded ssl on HA proxy pfsense.
-
-
Look here : https://forum.netgate.com/topic/149300/captive-portal-err_ssl_protocol_error/5 - as in a a TLS 1.0 1.1 1.2 some 3 days ago. I guess you would have find it by now ;)
It's not a GUI option, just change /etc/inc/system.inc - line 1466.
-
@Gertjan Thanks Sir ,one more question i want to share scenario our website hosted on x server(it can be cent os httpd or windows iis) so that webserver frontend backend in pfsnese HA proxy .so this thing https://forum.netgate.com/topic/149300/captive-portal-err_ssl_protocol_error/6 help me in this scenario or different thing.
