Disable TLS 1.0 on wildfire and enable TLS 1.2.

Disable TLS 1.0 on wildfire and enable TLS 1.2.

191
Created On 12/20/22 11:11 AM - Last Modified 11/11/25 19:48 PM


Symptom


  • In the scan report customer will get the vulnerability regarding weak TLS version when using TLS 1.0.

Environment


  • Wildfire Model WF-500
  • We don't have GUI on wildfire device.
  • Need to make changes via SSH.

Cause


  • In the scan report customer will get the vulnerability regarding weak TLS version when using TLS 1.0.

Resolution


  • We need to create SSL/TLS profile.
  • We need to create certificate for SSL/TLS profile.
  • We can use the below command to enable TLS 1.2 or TLS 2 version and can use certificate accordingly.
  • Please use the below command to set the TLS 1.2. 
#configure
#set shared ssl-tls-service-profile <Profile name> protocol-setting max-version tlsl-2 min-version tlsl-2
#commit 
 

Additional Information


snapnew1.png
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kFkqCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail