search cancel

Disable SSL and TLS protocols in Service Management


Article ID: 186155


Updated On:


CA Service Management - Service Desk Manager CA Service Desk Manager - Unified Self Service CA Service Desk Manager


How to disable SSL 2.0 and 3.0 and Use TLS 1.1 (with approved cipher suites) or higher instead.


Release : 17.0 and later

Component : CA Service Management


The process involves modifying the server.xml file that Tomcat uses.  You will need to locate the server.xml in these locations:
Baseline Tomcat implementation: 
Federated Search:
REST Web Services:
Support Automation:
Using the server.xml defined in USS as an example:
1. Locate server.xml in Tomcat being used by USS (Liferay) and take a backup of the file. The path should be similar to: C:\Program Files\CA\Self Service\OSOP\tomcat-7.0.40\conf\server.xml

2. Locate the section to configure SSL searching for <Connector port="8443" protocol="HTTP/1.1" 

3.  Set the following in the connector:

sslProtocols="TLS" SSLEnabled="true" sslEnabledProtocols="TLSv1.1, TLSv1.2"


4. Save Changes

5. Restart Services.

Additional Information

How To Configure SSL for Tomcat With Unified Self Service (USS)?


Remediation Steps to Secure CA Service Desk Manager from POODLE Vulnerability (CVE-2014-3566)