Can I exclude TLSv1.1 in addition to the protocols listed in the guide?

Can I exclude TLSv1.1 in addition to the protocols listed in the guide?

Article Id: 16291

Status: Published

Updated On: 14-02-2018 07:52

Legacy Id: TEC1261166

Products:

CA Infrastructure Management , CA Infrastructure Management , CA Performance Management - Usage and Administration , CA Performance Management - Data Polling

Issue/Introduction:

Can I exclude TLSv1.1 in addition to the protocols listed in the guide?

Environment:

CA Performance Management 2.7 and later

Resolution:

In the InstallDirectory/PerformanceCenter/jetty/etc/jetty-ssl-context.xml on CA Performance Center,
Add TLSv1.1 as in:

<Set name="ExcludeProtocols">
    <Array type="java.lang.String">
        <Item>TLSv1.1</Item>
        <Item>TLSv1</Item>
        <Item>SSLv3</Item>
        <Item>SSLv2</Item>
       <Item>SSLv2Hello</Item>
    </Array>
</Set>

Additional Information:

https://docops.ca.com/ca-performance-management/3-2/en/administrating/single-sign-on/set-up-https-for-ca-single-sign-on/configure-performance-center-to-use-https