DE WebUI: How to remove TLSv1.0 from config

book

Article ID: 14454

calendar_today

Updated On:

Products

DSERIES- SERVER CA Workload Automation DE - System Agent (dSeries)

Issue/Introduction



Can we disable specific versions of authentication for the CA Workload Automation DE WebUI? If so, how can we go about doing so?

Environment

Release: DSWAHA01300-12-Workload Automation DE-High Availability
Component:

Resolution

Yes, you can disable authentication versions from the configuration of the DE WebUI. This can be accomplished by editing the configuration file /opt/CA/WADEWebClient/apache-tomcat/conf/server.xml. In the example listed below, we will disable TLSv1.0. Please follow these steps:

  1. Open the server.xml file which can be typically found in /opt/CA/WADEWebClient/apache-tomcat/conf/ on UNIX systems or C:\Program Files\CA\WADEWebClient_R12_SP1\conf on Windows.
  2. Find the line clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
  3. Delete the TLSv1 reference, including the comma. Do not remove the quotes!
  4. Restart the DE WebUI service/process.

You have no disabled the SSL TLSv1 authentication protocol.