[Forcepoint] [WCG] Enabling TLS 1.1. and TLS 1.2 for Websense proxy (v8.2 and lower)

Modified on Sun, 18 Jun, 2017 at 10:33 AM

Symptom:

When trying to surf to a website that requires a higher level of authentication, the following block page is received:

A good example for this would be: https:www.renuar.co.il, which requires TLS 1.1+ to surf it.



Cause:

By default, Websense proxy only supports SSLv1,v2,v3 and TLS1.0 in versions below 8.3. To enable TLS 1.1 and 1.2 additional actions are required.



Solution:

Please note, the TLS 1.1 and 1.2 are not available in the GUI. To enable those, you will need to SSH to the WCG if it is an application or use the Appliance toolbox to set it:

proxy.config.ssl.client.TLSv11 1
proxy.config.ssl.client.TLSv12 1


Restart the WCG to apply the settings


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article