Support Center > Search Results > SecureKnowledge Details
Disabling TLS 1.1 and 1.2 in Portals and HTTPS Inspection Technical Level
  • Starting with R75.40VS, the gateway supports newer versions of TLS 1.1 (RFC 4346) and TLS 1.2 (RFC 5246).

The new versions of TLS improve security by mitigating the BEAST attack ( ) and moving to stronger hash functions.

If it's necessary to remove them, you can set the environment variable CPTLS_LEGACY_TLS10. To do this on SecurePlatform or GAIA, add the following line to file $CPDIR/conf/


You will need to reboot after this.


NOTE: TLS 1.1 and 1.2 are supported in R75.40VS, R76 and later. They are not supported in R75.45, R75.46 and older versions.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document