Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

TLS / SSL version used when connecting HTTPS sites in InterScan Web Security Virtual Appliance (IWSVA) 6.5

    • Updated:
    • 28 Nov 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

You want to know the TLS / SSL protocol version that IWSVA uses when accessing the destination HTTPS server.

Details
Public

The TLS / SSL version used in connecting HTTPS sites depends on whether HTTPS Decryption is enabled or not.

  • When HTTPS Decryption policy is enabled:

    IWSVA mediates the TLS/SSL connection between the client browser and the destination HTTPS site. Therefore, IWSVA decides the TLS/SSL version used to connect the destination HTTPS site according to the settings in HTTP > HTTPS Decryption > Settings > SSL Method.

    You can set it to Connect https server with the same SSL version from client or Customize SSL setting.

    When you set it to Connect https server with the same SSL version from client, IWSVA treats the HTTPS connection as a connection failure if the TLS / SSL version between the client browser and IWSVA and the one between IWSVA and the destination HTTPS server are different.

    The failure usually occurs when a downstream proxy of IWSVA or the destination HTTPS server allow a lower version of TLS / SSL.

    Set "Customize SSL setting" to prevent the failure. For more details, you may refer to KB article: Unable to display certain HTTPS websites in Firefox and Chrome when connecting through InterScan Web Security Virtual Appliance (IWSVA).

  • When HTTPS Decryption policy is NOT applied:

    IWSVA does NOT mediate the TLS / SSL connection between the client browser and the destination HTTPS site. Therefore, the client browser decides the TLS / SSL version used to connect to it.

Premium
Internal
Rating:
Category:
Configure; SPEC
Solution Id:
1121600
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.