Configuring advanced TLS security settings
- From the System Utilities screen, select System Configuration > BIOS/Platform Configuration (RBSU) > Server Security > TLS (HTTPS) Options > Advanced Security Settings.
-
Configure options.
To configure which cipher suites are allowed for TLS connections:
Select Cipher suites allowed for TLS connections.
Select one of the following:
Individual check boxes for the cipher suites you want to allow.
Select Platform Default Cipher suites
Select Commit changes and exit.
To configure the certificate validation process for every TLS connection:
Select Certificate validation process for every TLS connection.
Select a setting:
PEER (recommended)—The certificate presented by the peer is validated for secure communication.
NONE—Does not validate the certificate.
To enable or disable strict host name checking:
Select Strict Hostname checking.
Select a setting:
ENABLE—The host name of the connected server is validated with the host name in the certificate supplied by the server.
DISABLE—The host name of the connected server is not validated with the host name in the certificate supplied by the server.
To specify which protocol version to use for TLS connections:
Select TLS Protocol Version Support.
Select a setting:
AUTO—Negotiates the highest protocol version that is supported by both the TLS server and the client.
1.0—Uses TLS protocol version 1.0. (Not supported in Gen10 Plus)
1.1—Uses TLS protocol version 1.1. (Not supported in Gen10 Plus)
1.2—Uses TLS protocol version 1.2.
- Save your changes.