Our company needs to stop all applications from using TLS 1.0 or TLS 1.1. Can you please advise on the steps we need to take to get this done for Clarity?

Release : All supported Clarity versions with TLS 1.1 and TLS 1.2.

Applicable only when clarity is FIPS ENABLED 

• Stop and remove all the services 
• Navigate to folder  .setup/scripts/j2ee/tomcat/deploy.xml
• Modify the Deploy.xml (setup/scripts/j2ee/tomcat/deploy.xml) 
  • <attribute name="sslEnabledProtocols" value="TLSv1.2,TLSv1.1"
    Remove TLSv1.1 as follows:
    <attribute name="sslEnabledProtocols" value="TLSv1.2"
• Redeploy and start all the clarity services 

If Clarity is not FIPS ENABLED then TLS version can be managed at network layer and no configuration changes needed in clarity 

Please keep in mind that restricting could cause issues with OWB if you are using older versions, check out:

• Clarity TLS versions supported