enable-tls13-compat
This command controls whether to enable middlebox compatibility with TLS version 1.3.
Syntax
Enable middlebox compatibility
enable-tls13-compat
on
Disable middlebox compatibility
enable-tls13-compat
off
Parameters
- on
-
Enables middlebox compatibility. This setting is the default value.
- off
-
Disables middlebox compatibility.
Guidelines
The enable-tls13-compat command controls whether to enable middlebox compatibility with TLS version 1.3 (TLSv1.3). When enabled, dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3 but appear similar to TLSv1.2. The effect is that middleboxes that do not understand TLSv1.3 do not drop connections. Regardless of this setting, CCS messages from peers are ignored in TLSv1.3.