Options
SMTP Proxy and TLS 1.3
Has anyone been able to use TLS 1.3 for outbound SMTP proxy?
I can't seem to get our M470 to go above TLS 1.2.
0
Best Answer
-
Options
In the TLS profile, do you have Perfect Forward Secrecy set to None?
"TLS 1.3 connections always use PFS-capable ciphers. When this option is set to None, connections cannot use TLS 1.3 for proxy content inspection negotiation."
See the "Perfect Forward Secrecy Ciphers" section, here:
Configure TLS Profiles
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/general/tls_profiles_about_c.html0
Sign In to comment.
Answers
Turns out I needed to enable "STARTTLS" - it works now.
Thanks