Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACE 4710 Multiple SSL version support

In regards to Bud ID CSCur27691, I was able to disable SSLv3 successfully but it seems that I only have the choice to enable a single SSL version at a time.  I would like to enable TLS 1.0, TLS 1.1, and TLS 1.2 all at the same time.  How can I do that with the ACE 4710s?  Below is a copy of the code from the Bug document.  Thanks.

 

For ACE VIPs terminating or initiating HTTPS connection you can set the SSL version to be TLS1 to avoid using SSLv3.

parameter-map type ssl XXXX
version TLS1
ssl-proxy service YYYY
ssl advanced-options XXXX

On A5(3.0) code you could use more versions as well, like TLS1_1 and TLS1_2.
 

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Hello,Currently there is no

Hello,

Currently there is no such possibility.

Please see a similar discussion here: https://supportforums.cisco.com/discussion/12327646/ace30-a531a-ssl-parameter-map

Regards,

Rares

2 REPLIES

Hi all, In release notes http

Hi all,

 

In release notes http://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/ace/vA5_3_x/release/note/ACE_mod_rn_A53x.html#pgfId-936970 we have chance to avoid using SSLv3 but it is limited to use only one TLS version.

Anybody knows if it possible this scenario:

SSLv3 disabled, TLS 1.1 and TLS 1.2 enabled.

Thanks a lot.

Jorge

 

New Member

Hello,Currently there is no

Hello,

Currently there is no such possibility.

Please see a similar discussion here: https://supportforums.cisco.com/discussion/12327646/ace30-a531a-ssl-parameter-map

Regards,

Rares

1442
Views
5
Helpful
2
Replies
CreatePlease to create content