search cancel

How to remove TLS 1.1 from Clarity and only leave TLS 1.2

book

Article ID: 185670

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

Our company needs to stop all applications from using TLS 1.0 or TLS 1.1. Can you please advise on the steps we need to take to get this done for Clarity?

Environment

Release : All supported Clarity versions with TLS 1.1 and TLS 1.2.

Resolution

  • Stop and remove all the services 
  • Navigate to folder  .setup/scripts/j2ee/tomcat/deploy.xml
  • Modify the Deploy.xml (setup/scripts/j2ee/tomcat/deploy.xml) 
    • <attribute name="sslEnabledProtocols" value="TLSv1.2,TLSv1.1"
      Remove TLSv1.1 as follows:
      <attribute name="sslEnabledProtocols" value="TLSv1.2"
  • Redeploy and start all the clarity services 

Additional Information

Please keep in mind that restricting could cause issues with OWB if you are using older versions, check out: