How to disable specific TLS protocols in Applications Manager

Article Id: 107026

Status: Published

Updated On: 18-07-2018 10:30

Products:

CA Automic Applications Manager (AM)

Issue/Introduction:

Disabling specific protocols forces client to server connections to use less vulnerable or only use a specific TLS protocol such as TLS 1.2.

How do I disable specific TLS protocols in Applications Manager for the Automation Engine(master), Remote Agent, and Java Web Clients

Environment:

Release:
Component: APPMGR

Resolution:

TLS protocols can be disabled by editing Java's java.security file and adding the TLS protocal that you want to disable to the below variable line. Please note this was tested and verified on Java 8.

Master's java.security:
jdk.tls.disabledAlgorithms=

Agent's java.security:
jdk.tls.disabledAlgorithms=

Client's java.security:
jdk.tls.disabledAlgorithms=

Example:
jdk.tls.disabledAlgorithms=TLSv1, TLSv1.1, SSLv3, RC4, MD5withRSA, DH keySize < 768, \
EC keySize < 224