There is a security risk to the ssl lower versions of the equipment. The device can be configured to support higher versions and algorithms only to reduce the connection risk of the ROSNG series products.
1. SSL must bound PKI profile, the bounded PKI profile needs to import a legal and valid CA certificate 2. TLS(SSL) version is recommended to be greater than TLS v1.2, at least not less than TLS v1.1. 3. TLS algorithm does not contain insecure algorithms, which include: CBC, SHA1, MD5 4. Disable renegotiate