Comware

 View Only
last person joined: 2 days ago 

Back to discussions
Expand all | Collapse all

MSR 1003-8 security TLS out of date?

This thread has been viewed 0 times

  • 1.  MSR 1003-8 security TLS out of date?

    Posted Jul 06, 2020 09:21 PM

    Checking the documentation I found that the MSR 1003-8 supports SSL3.0/TLS1.0

    When I loaded a SSL certificate and associated this with the https for login through a browser, I found I could no longer connect. It appears that the browsers have all deprecated TLS 1.0 and TLS 1.1

    We have 10 MSR1003-8 and would appreciate a firmware update to TLS 1.3 asap.

    Does anyone know of an update that we're missing? We have the latest firmware installed (it is three or more years old now!)


    #security
    #SSL
    #TLS


  • 2.  RE: MSR 1003-8 security TLS out of date?

    EMPLOYEE
    Posted Jul 07, 2020 01:43 AM

    Hi,

    Could you please share running software version?

    Thanks!



  • 3.  RE: MSR 1003-8 security TLS out of date?

    Posted Jul 07, 2020 01:51 AM

    It is version 5.3 loaded from this file MSR1000_5.20.R2516P13.zip

    This is the latest revision of the firmware that is publically available.

    We need HPE to release a new firmware asap. It is timely that the companies that make web browsers have dropped TLS 1.0 and TLS 1.1 so now it is time for equipment suppliers to upgrade the firmware.


    #vpn
    #SSL
    #TLS


  • 4.  RE: MSR 1003-8 security TLS out of date?

    EMPLOYEE
    Posted Jul 07, 2020 06:28 AM

    Hi,

    Yes this is the latest version for comware 5.

    You need to log a case with support so they will check with product development team if there are any plan to release latest software for comware 5.

    Please find below Comware 5 Security Configuration Guide and refer SSL server policy. It might be useful for you:

    https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=c05327948

    Thanks!

     



  • 5.  RE: MSR 1003-8 security TLS out of date?

    Posted Jul 07, 2020 06:33 AM

    Hi, I don't want this to be taken the wrong way, but surely HPE have noticed that TLS 1.0 and TLS 1.1 are deprecated? Why is it my problem to put in a support case for something that is obvious? This situation should be a no brainer.

    "Dear Customers, we're racing to get a new firmware to you that includes TLS 1.2 and TLS 1.3 support so that https and SSLVLAN continue to work. In the interim, this is what you should do....."

    Please ask someone that knows what is happening to respond here. I would certainly like to know when I can upgrade my 10 MSR 1003-8 so that I can get them working again.



  • 6.  RE: MSR 1003-8 security TLS out of date?

    EMPLOYEE
    Posted Jul 08, 2020 07:33 AM

    Hi,

    Don't take me wrong, reason for asking to log a support case. because as far I know Comware 5 is outdated and discontinued. and there is no update that new software will be released or not..

    Thanks!



  • 7.  RE: MSR 1003-8 security TLS out of date?

    Posted Jul 13, 2020 08:50 AM

    I don't have a support contract so I cannot submit a support case. The MSR 1003-8 is still being sold so it should be secure - meaning it should not have TLS 1.0 and should have TLS 1.3. This is a problem that should be fixed and the user community informed of when the new firmware will be available.


    #MSR1003-8
    #TLS
    #SSL