Possible to disable TLS 1.1 in Watchguard System Manager?
We're running WSM 12.8.2, and I've disabled TLS 1.0 with the check boxes in Watchguard Server Center, but I don't see a way to disable TLS 1.1
We're getting dinged on security scans because TLS 1.1 is still listening on ports 4115, 4119, 4121, 4130, etc.
I see in the documentation that only TLS 1.2 is used for communication since v11.10. Is there any way to disable TLS 1.1?
0
Sign In to comment.
Comments
Hi @Brad
We're currently working on an option to disable TLS1.1 for the WatchGuard System Center server (WSC). That enhancement is FBX-23887.
In the interim, you can navigate to C:\programdata\watchguard\wmserver\conf\httpd.conf and remove the +TLS1.1 item from the SSLProtocol line. You'll need to restart the server center processes for this to read the new config.
-James Carson
WatchGuard Customer Support