Can anybody please confirm if the latest PAN OS 8.0 still uses TLSv1.0 for handshake during SSL communication? Is there a way we can configure Palo-Alto to use TLSv1.1 or 1.2?
I have a HTTP server running services on 443 which supports minimum TLSv1.1 for SSL communication. I am trying to forward threat logs from PA FW using HTTP log forwarding profile. I did a packet capture, and it seems like Palo-Alto is making the handshake using TLSv1.0 and it fails as the HTTP server rejects the request.
The SSL/TLS Service Profile allows you to select the min protocol version for TLS, but I believe that is for incoming SSL communication request from a client.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!