TWSD-1387 - Requirement of SLB WebUI should be opened on TLS v 1.3

Review Request #1228 — Created Dec. 12, 2025 and submitted

Information
shuinvy
APV10
rel_apv_10_7
TWSD-1387
Reviewers
mingji, peteryeh, weikai 
Add TLSv1.3 to webui SSL ciphersuites and protocols
The ticket link:

https://arraynetworks.atlassian.net/browse/TWSD-1387


I added TLSv1.3 to the CLI:

webui ssl settings ciphersuites

and

webui ssl settings protocol

However,

we should upgrade our lighttpd to let our WebUI server take the effect.

so I comment the options in the WebUI.


The C code changes will influence the result of configuration of lighttpd file:

usr\click\webui\conf\lighttpd.conf

the path in the device is:

/var/run/new_webui.conf


If you use the CLI, then you can add TLSv1.3 feature to the configuration.

For example:

ssl.cipher-list = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:TLS-AES256-GCM-SHA384:TLS-AES128-GCM-SHA256"

And

ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL,TLSv1.3")
peteryeh
peteryeh 
  1. Ship It!
  2. 
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    3. 




  

 
















 



 

  

   




shuinvy




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  






 

  Status:
  

  Closed (submitted)

  
 







 


 










  

 









     

    

   

  

  

   
   Loading...