Doppler44_23469
Nov 18, 2015

Inject TLS version into HTTP header

I'm planning to disable support for TLS 1.0, but want to give my users some time to update to modern browsers before I pull the plug on older browsers that don't support TLS 1.1 and 1.2. I'd like to display a message ("It's time to upgrade your browser") in my web app for customers who negotiate a TLS 1.0 connection.

Is it possible to inject an HTTP header (say "tls-version") into the browser's request?

  • Yep, this should do the trick for you.

    when HTTP_REQUEST {
        HTTP::header insert "tls-version" [SSL::cipher version]
    }
    
    • Doppler44_23469
      That did the trick. The header appears with the appropriate value: "TLSv1", "TLSv1.1", or "TLSv1.2". Thanks again.
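
A variant of the iRule from the answer above that first removes any "tls-version" header the client sent, so the backend only ever sees the value set by the BIG-IP, and logs TLS 1.0 connections to show how many clients still need to upgrade. This is an added example, not code from the thread; the `local0` log facility and the log message format are assumptions.

```tcl
when HTTP_REQUEST {
    # HTTP::header insert adds a header without touching one the client
    # already sent, so drop any client-supplied copy of "tls-version" first.
    # Otherwise the web app could read a value the browser chose.
    HTTP::header remove "tls-version"

    # Protocol negotiated on the client-side connection, for example
    # "TLSv1", "TLSv1.1" or "TLSv1.2". Requires a client SSL profile
    # on the virtual server.
    set tls_version [SSL::cipher version]
    HTTP::header insert "tls-version" $tls_version

    # Assumption: logging to local0 is acceptable on this device.
    # Records each TLS 1.0 request so the remaining legacy clients can be
    # counted before TLS 1.0 is disabled. Remove if the volume is too high.
    if { $tls_version eq "TLSv1" } {
        set ua [HTTP::header value "User-Agent"]
        log local0.info "TLS 1.0 request from [IP::client_addr], User-Agent: $ua"
    }
}
```

On the application side, show the upgrade message only when the header value is exactly "TLSv1".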