Configure TLS Version and Key Exchange Length

If the WAF is the first point of termination for public SSL certificates, then you should adjust the TLS Version and Key Exchange Length to conform to your organization’s security policies.

To change the default TLS version and key exchange length of a website:

  1. In the Alert Logic console, click navigation menu () > Configure > WAF, and then click the Appliances tab.
  2. In the item row of your appliance, click the appliance name.
  3. In the Managed WAFconsole, click Websites, and click the desired website.
  4. On the Website page, click Virtual host.

  5. On the Virtual Host page, select the appropriate entries in the Minimum SSL Protocol Version and Forward Secrecy Key Exchange Parameter Length fields.

  6. Click Save settings on the lower right.
  7. To commit your changes, click apply changes at the top of the screen. When prompted “Are you sure you want to apply the changes to the running configuration?”, click OK.