From Chrome v84 SSL communication on ADC may break if TLS 1.2 isn’t enabled


Article ID: CTX270920


Description

After the upgrade to Chrome v84, Chrome will not be able to connect to ADC vservers that do not have TLS 1.2 or above enabled, and the browser will show a full-page interstitial warning.

Resolution

  • Citrix ADC has TLS 1.2 enabled by default, and most transactions between Chrome and the ADC use TLS 1.2.
  • If you have explicitly disabled TLS 1.2 on a vserver for any reason, review that reason and enable TLS 1.2 to avoid issues with the Chrome 84 release.
  • To enable TLS 1.2, use the command below:
>set ssl vserver v1 -tls12 EN
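
To find the vservers where TLS 1.2 was explicitly disabled, this added example (not Citrix code) scans saved `set ssl vserver` lines and returns the enable command above for each affected vserver. The sample configuration is constructed; it assumes the saved configuration uses the same `set ssl vserver <name> -tls12 <value>` syntax as the CLI, that names containing spaces are double-quoted, and that abbreviated values such as `DIS` may appear.

```python
import shlex

# Constructed sample of saved configuration lines (not from a real appliance).
SAMPLE_CONFIG = '''\
add lb vserver v1 SSL 192.0.2.10 443
set ssl vserver v1 -tls1 DISABLED -tls11 DISABLED -tls12 DISABLED
set ssl vserver v2 -tls11 DISABLED
set ssl vserver "vs portal" -ssl3 DISABLED -tls12 DIS
set ssl vserver v3 -tls12 DISABLED
set ssl vserver v3 -tls12 EN
'''

def _is_disabled(value):
    # Assumption: values may be abbreviated (the article itself writes EN).
    v = value.upper()
    return bool(v) and "DISABLED".startswith(v)

def tls12_state(config_text):
    """Map vserver name -> True (enabled) / False (disabled) for every
    vserver that sets -tls12 explicitly. Later lines override earlier ones."""
    state = {}
    for line in config_text.splitlines():
        try:
            tok = shlex.split(line)
        except ValueError:
            continue  # unbalanced quotes: skip the line rather than guess
        if len(tok) < 4 or [t.lower() for t in tok[:3]] != ["set", "ssl", "vserver"]:
            continue
        name, args = tok[3], tok[4:]
        for i, flag in enumerate(args[:-1]):
            if flag.lower() == "-tls12":
                state[name] = not _is_disabled(args[i + 1])
    return state

def remediation(config_text):
    """Enable commands, in the article's form, for vservers left disabled."""
    cmds = []
    for name, enabled in tls12_state(config_text).items():
        if not enabled:
            shown = f'"{name}"' if " " in name else name
            cmds.append(f"set ssl vserver {shown} -tls12 EN")
    return cmds

if __name__ == "__main__":
    for cmd in remediation(SAMPLE_CONFIG):
        print(cmd)
```

Vservers that never mention `-tls12` (such as `v2` in the sample) are not reported, because they keep the default described above.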

Problem Cause

With release 84, Chrome is going to disable TLS 1.0 and TLS 1.1, and only TLS 1.2 and above will be supported.

Note: Chrome v84 is scheduled for release in July 2020 (tentative date).

Issue/Introduction

This article explains how to avoid issues with Chrome v84 by enabling TLS 1.2 or above where it has been explicitly disabled on ADC vservers.