Enabling specific TLS version on Reporter 10.x

book

Article ID: 170672

calendar_today

Updated On:

Products

Reporter-S500 Reporter Reporter-VA

Issue/Introduction

How to enable or disable specific SSL/TLS protocols for WebUI management access?

Resolution

In order to modify the SSL/TLS protocols for reporter 10.2 and earlier following are the steps:

1. SSH or serial console into the Reporter

2. Stop Reporter
       Reporter#Stop-reporter

3. Edit the "Preferences.cfg file
       Reporter# configure edit preferences.cfg

4. Locate the "protocols" section and look for SSL and TLS as shown below.    Note: "False" = disabled and "True" = enabled

protocols = {
    http = {
      ssl = {
        ssl_v2 = "false"
        ssl_v3 = "false"
        tls_v1 = "true"
        mode = "enable"
        use_default_cert = "true"
        cert_file = ""
        key_file = ""
        port = "8082"
        password = "004cc6e07945f9"
        tls_v1_1 = "true"
        tls_v1_2 = "true"

5. Commit the configuration changes
       Reporter#configure commit

6. Restart Reporter
       Reporter#start-reporter


In order to modify the SSL/TLS protocols and ciphers in 10.3 and later see the following Sections. 


Modify Protocols

1. SSH or serial console into the Reporter
2. Enter enable mode and then configure terminal mode.
3. Add, remove, reset or set the protocols.
       Reporter(config)#ssl edit ssl-context default protocols ?


Modify Ciphers

1. SSH or serial console into the Reporter
2. Enter enable mode and then configure terminal mode.
3. Add, remove, reset or set the protocols.
       Reporter(config)#ssl edit ssl-context default cipher-suites ?


View the ssl-context once before or after changes have been made

1. SSH or serial console into the Reporter
2. Enter enable mode and then configure terminal mode.
3. View the ssl-context to verify settings or that changes have occurred. 
       Reporter(config)#ssl view ssl-context default