Security

Re: Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0

 
Kauser
Advisor

Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0

Dear Concern,

Please share me the procedure to enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0 and also shar me the procedure to check current running TLS version.

With Best Regards,

Md. Abdullah-Al Kauser

3 REPLIES 3
AmRa
HPE Pro

Re: Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0

Please let us know the component on which you want to enable/disable TLS 1.0?

I am an HPE Employee

Accept or Kudo
Kauser
Advisor

Re: Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0

Dear Concern,

We got below details requirement from IT security team. Please suggest.

The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic
design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.2
and 1.3 are designed against these flaws and should be used whenever possible.
As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2 and higher will no longer function properly with
major web browsers and major vendors.
PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and
the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any
known exploits.

Re: Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0

>> The remote service accepts connections encrypted using TLS 1.0. 

Yes but *what service* ? Your security team should be able to tell you more than this - they should have an IP address/port number combination that should help you narrow down what service on the host is responsible for this.

TLS connections don't necesarily come from the OS - there are all sorts of services/software on a HP-UX host that could be being serviced via a TLS connection.

HTH

Duncan


I am an HPE Employee
Accept or Kudo