HTTPS Security Levels
SecureSync supports two different modes of HTTPS operation:
- The Standard HTTPS Level allows the use of medium strength ciphers and older TLS (Transport Layer Security) protocols,
- while the High-Security Level is restricted to strong ciphers and TLS version 1.2 exclusively.
While Standard Mode is the default setting, the High-Security Level is preferred (unless you require the extra compatibility), since High Security turns off TLSv1, which has known security vulnerabilities.
Note that the High-Security Level requires the use of current browsers – as of July 2016, the oldest compatible clients include:
• Firefox® 27
• Chrome® 30
• Internet Explorer® 11
• Safari® 9.
(This is not an exhaustive list.)
To enable High-Security HTTPS:
- Navigate to MANAGEMENT > Network Setup.
- In the Actions Panel on the left, click on Web Interface Settings. The Web Interface Settings window will open.
- Click on the tab Security Level:
- Read the Caution statement and verify that you meet the requirements stated.
- Check the box Enable High Security, and click Submit.
- While it is NOT necessary to close the Web UI, and restart the browser, it is recommended to wait 90 seconds before continuing to use the Web UI, in order to allow the web server software to restart in the background.
It is also possible to disable High-Security HTTPS and TLS: Follow the procedure outlined above, but uncheck the box Enable High Security.
For more information on HTTPS certificates, see HTTPS.