Support Center > Search Results > SecureKnowledge Details
"Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings" error in Internet Explorer browser for HTTPS web site Technical Level
Symptoms
  • The following error appears in Internet Explorer browser when trying to connect to an HTTPS web site through Security Gateway:

    Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to
    https://XXX again. If this error persists, contact your site administrator.

    Example:
  • All these TLS versions are already enabled in Internet Explorer browser (Tools menu - Internet Options - Advanced tab).

    Example:
  • FireWall kernel debug on Security Gateway ('fw ctl debug -m fw + drop') shows that the HTTPS response from the web site is dropped:

    ;fw_log_drop_ex: Packet proto=6 HTTPS_SITE_ADDRESS:443 -> CLIENT_ADDRESS:Dest_Port dropped by fwpslglue_chain Reason: PSL Reject: ASPII_MT;
  • Application Control kernel debug on Security Gateway ('fw ctl debug -m APPI + connection') shows that the HTTPS response from the web site is blocked:

    [SID: 00000] {connection} appi_transaction_conn_process_rb_match_result: MATCH on rule ... (application: ..., action: BLOCK);
Cause

Traffic is being dropped by Application Control policy.


Solution
Note: To view this solution you need to Sign In .