Upgrading WebGui TLS 1.0 to TLS 1.2 for PCI/DSS requirement
-
Hi,
We are using PFSense in a PCI/DSS environment and during recent audit we have been instructed to upgrade the WebGui TLS v1.0 to TLS V1.2. I couldn't find any guide to upgrade the webgui. Since this is mandatory requirement for PCI/DSS we need to do it ASAP.
Let me know how to upgrade the TLS.
We use 2.0.2-RELEASE
FreeBSD 8.1-RELEASE-p13Karthik
-
We use 2.0.2-RELEASE
Is this some bad joke?!?! https://doc.pfsense.org/index.php/Versions_of_pfSense_and_FreeBSD
during recent audit we have been instructed to upgrade the WebGui TLS v1.0 to TLS V1.2.
Sounds like an excellent opportunity to sack those absolutely useless "auditors" as well.
-
So your auditors didn't like that you were using tls 1, but didn't give 2 shits that your actual firewall software is from 2012 and no longer supported. Needless to say freebsd version as well….
Im with dok - is this some sort of joke?
Here is my suggestion for your remediation of that audit finding - update to current version ;) And then you will have your tls 1.2 support..
-
I did sort of almost spit out my drink when I noticed you using a code base thats no longer supported.
I can confirm on 2.4 TLS 1.2 is used.
So update the pfsense to a newer code base and your problem is solved.
