How to disable TLSv1.1 and below on Reporter's FTP(s) server?
search cancel

How to disable TLSv1.1 and below on Reporter's FTP(s) server?

book

Article ID: 244414

calendar_today

Updated On:

Products

Reporter

Issue/Introduction

How to disable TLS 1.1 and below on Reporter's FTP(s) server?

Environment

Reporter version 10.X

Reporter version 11.X

Resolution

Take reporter CLI access then go to enable mode and edit ftps configuration file using steps motioned below:

 

Step-1) Stop the FTP(s) daemon running on reporter

# ftps stop

 

Step-2) Modify FTP(s) daemon configuration file

# edit ftps

Important note: This command will open up a vi editor (short for visual editor) is a screen editor which is similar to a Unix system. To learn the basic commands of a vi editor you can follow this link Basic vi commands

Find following lines in before: section and change it as mentioned in after: section and save the FTP(s) daemon configuration file. 

before:

allow_anon_ssl=YES
ssl_sslv1=NO
ssl_sslv2=NO
ssl_tlsv1=YES
ssl_tlsv1_1=YES
ssl_tlsv1_2=YES
ssl_ciphers=HIGH:!ADH:!aNULL:!eNULL:!EXP:!DES:!3DES:@STRENGHT

after:

allow_anon_ssl=NO
ssl_sslv1=NO
ssl_sslv2=NO
ssl_tlsv1=NO
ssl_tlsv1_1=NO
ssl_tlsv1_2=YES
#ssl_ciphers=HIGH:!ADH:!aNULL:!eNULL:!EXP:!DES:!3DES:@STRENGHT
ssl_ciphers=ALL:!aNULL:!ADH:!eNULL:!LOW:!MEDIUM:!EXP:!DES:!3DES:RC4+RSA:+HIGH

 

Step-3) Start the FTP(s) daemon

# ftps start

 

Additional Information

ftp | ftps - Reporter enable mode command

Basic vi commands

Powered by Wolken Software