SSL Scan from https://myssl.com/ Reports ADC SSL vServer TLS 1.3 is Disabled

SSL Scan from https://myssl.com/ Reports ADC SSL vServer TLS 1.3 is Disabled

book

Article ID: CTX460231

calendar_today

Updated On:

Description

If you perform an SSL scan from https://myssl.com/, sometimes it reports TLS1.3 is disabled even if ADC vServer is correctly configured.
 

Environment

Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.

Resolution

NMAP/OpenSSL test has no issue. TLS 1.3 can work successfully. Suggest to use well-known tools to test. 
OpenSSL example: 
openssl s_client -connect www.example.com:443 -tls1_3

 

Problem Cause

False positive of https://myssl.com/. 

Issue/Introduction

This article describes a false positive scan issue from https://myssl.com/