How to remove TLS 1.1 from Clarity and only leave TLS 1.2

book

Article ID: 185670

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

Our company needs to stop all applications from using TLS 1.0 or TLS 1.1. Can you please advise on the steps we need to take to get this done for Clarity?

Environment

Release : All supported Clarity versions with TLS 1.1 and TLS 1.2.

Component : CA PPM INTEGRATIONS & INSTALLATIONS

Resolution

You have to modify the deploy file there:

 .setup/scripts/j2ee/tomcat/deploy.xml

<attribute name="sslEnabledProtocols" value="TLSv1.2,TLSv1.1"
Remove TLSv1.1 as follows:
<attribute name="sslEnabledProtocols" value="TLSv1.2"

Once done, stop remove and redeploy the services. This should work to set it up.

 

 

Additional Information

Please keep in mind that restricting could cause issues with OWB if you are using older versions, check out:
https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=141994

https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=142161