how to disable AT-TLS 1.2 and earlier

book

Article ID: 17110

calendar_today

Updated On:

Products

CA Output Management Document Viewer CA Output Management Web Viewer

Issue/Introduction

How to disable SSL through TLS 1.1 and earlier?



SSL and AT-TLS levels below 1.2 are deprecated. Is there a way to disable them in CA Web Viewer/CCI?

Environment

All

Resolution

This is more about what you enable as opposed to disable. The selections are made from the CCI configuration tool or as accessed from the Web Viewer Configuration tool. 
These are the other two settings you need in the config tool. 
CCISSL: SSL Connection 
3: Force SSL 

CCISSL : Force secure end-to-end connection including routing across hosts. 

1 for YES. 

NOTE: SSL in these questions also covers your later choice of TLS V1.2 . 
Later, under CCISSL Encryption Protocol, you are choosing Option 4. TLS V1.2 After that, you will find in your CCIClient.properties how CCISSL PROT = TLSV1.3Only - meaning 1.2 is the only protocol permitted - no non SSL, SSL or TLS 1.0 or 1.1.