We are looking forward to add HTTPS inspector to our clients but we have hit a few snags.
In our internal testing we have found that Untangle will lower the TLS version and change the Chiper used.
This in it self is not a show stopper if we can control what ciphers and TLS version that should be supported in our setup.
tlsvchiphers.PNG
Sample from Facebook.com shows that Untangle uses TLS 1.0 and a Cipher with SHA1.
I know that this area is a nasty one where you really need to know your way around and I am sure that we might be the only ones that has a issue with what Ciphers is used on the inside but if Untangle want to be a serious brandname in this area I think that it is needed to give end users/admins some choices here.
Without HTTPS insector:
Notviahttps inspector.PNG
With HTTPS inspector:
Withhttpsinspector.PNG
In our internal testing we have found that Untangle will lower the TLS version and change the Chiper used.
This in it self is not a show stopper if we can control what ciphers and TLS version that should be supported in our setup.
tlsvchiphers.PNG
Sample from Facebook.com shows that Untangle uses TLS 1.0 and a Cipher with SHA1.
I know that this area is a nasty one where you really need to know your way around and I am sure that we might be the only ones that has a issue with what Ciphers is used on the inside but if Untangle want to be a serious brandname in this area I think that it is needed to give end users/admins some choices here.
Without HTTPS insector:
Notviahttps inspector.PNG
With HTTPS inspector:
Withhttpsinspector.PNG