Tomcat disable TLS 1.0 and 1.1
Article ID: 191366

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

Auditing has found that our Automic Tomcat server is accepting TLS 1.0 traffic.  We need to disable TLS 1.0 and TLS 1.1.


To find out which version of SSL/TLS the AWI connection is using, connect to AWI in a browser and then follow the steps on the following page to read the negotiated TLS version from the browser's connection details:

https://security.stackexchange.com/questions/19096/how-to-determine-if-a-browser-is-using-an-ssl-or-tls-connection/169418


This is the default HTTPS Connector definition in the Tomcat server.xml:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" 
    keyAlias="server" keystoreFile="conf\prod.jks" keystorePass="secure2468" 
    maxThreads="150" SSLEnabled="true" scheme="https" secure="true" 
    clientAuth="false" sslProtocol="TLS" />

Environment

Release : 12.x

Component : AUTOMATION ENGINE

Resolution

Here is an example of a Connector definition that forces the use of TLSv1.2 only, by adding the sslEnabledProtocols attribute:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
    keyAlias="server" keystoreFile="conf\prod.jks" keystorePass="secure2468"
    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" />

Once the change has been made, restart Tomcat for the new setting to take effect.
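As an added example (not part of this article or of the Automic product), the following Python script audits a Tomcat server.xml for HTTPS connectors that would still accept TLS 1.0 or TLS 1.1. It checks the connector-level sslEnabledProtocols attribute used above and, going beyond this article, also the protocols attribute of a nested SSLHostConfig element (the Tomcat 8.5 and later syntax). The embedded server.xml, its port numbers, keystore path and password are constructed for the example; a connector with no explicit protocol list is reported as weak because, as the article describes, the JVM default on this release still admits TLS 1.0.

```python
"""Audit a Tomcat server.xml for HTTPS connectors that still allow TLS 1.0/1.1.

Added example: not the article's or Automic's own code.
"""
import xml.etree.ElementTree as ET

# Legacy protocol names (JSSE spelling) that should no longer be offered.
WEAK_PROTOCOLS = {"SSLv2", "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"}

# Constructed sample: the article's default connector (8443), its hardened
# form (8444) and a Tomcat 8.5+ style connector that still lists TLSv1 (8445).
# Paths, ports and the keystore password are placeholders.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
        keyAlias="server" keystoreFile="conf/prod.jks" keystorePass="CHANGEME"
        maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
        clientAuth="false" sslProtocol="TLS" />
    <Connector port="8444" protocol="org.apache.coyote.http11.Http11Protocol"
        keyAlias="server" keystoreFile="conf/prod.jks" keystorePass="CHANGEME"
        maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
        clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" />
    <Connector port="8445" protocol="org.apache.coyote.http11.Http11NioProtocol"
        SSLEnabled="true" scheme="https" secure="true">
      <SSLHostConfig protocols="TLSv1,TLSv1.1,TLSv1.2" />
    </Connector>
  </Service>
</Server>
"""


def split_protocols(value):
    """Tomcat accepts comma- or space-separated protocol lists; normalise to a set.

    A leading '+' (Tomcat's 'add this protocol' form) is dropped so that
    '+TLSv1.2' and 'TLSv1.2' compare equal.
    """
    return {p.lstrip("+") for p in value.replace(",", " ").split()}


def audit_connectors(server_xml):
    """Return one finding per SSL-enabled Connector.

    Each finding is (port, configured, weak): `configured` is the explicit
    protocol set, or None when the connector relies on the JVM default;
    `weak` is the set of legacy protocols that would still be offered.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP connector, nothing to audit
        port = int(conn.get("port", "0"))
        configured = None
        # Tomcat 7 style: sslEnabledProtocols directly on the Connector.
        if conn.get("sslEnabledProtocols"):
            configured = split_protocols(conn.get("sslEnabledProtocols"))
        # Tomcat 8.5+ style: protocols on a nested SSLHostConfig element,
        # which takes precedence over the connector attribute when present.
        for host_cfg in conn.findall("SSLHostConfig"):
            if host_cfg.get("protocols"):
                configured = split_protocols(host_cfg.get("protocols"))
        if configured is None or "all" in configured:
            # No explicit list (or Tomcat's 'all' keyword): the JSSE default
            # applies, which on this release still includes TLS 1.0 and 1.1.
            weak = {"TLSv1", "TLSv1.1"}
        else:
            weak = configured & WEAK_PROTOCOLS
        findings.append((port, configured, weak))
    return findings


def weak_ports(server_xml):
    """Sorted list of HTTPS ports that still admit a legacy protocol."""
    return sorted(port for port, _, weak in audit_connectors(server_xml) if weak)


if __name__ == "__main__":
    for port, configured, weak in audit_connectors(SAMPLE_SERVER_XML):
        shown = ",".join(sorted(configured)) if configured else "(JVM default)"
        status = "WEAK: " + ",".join(sorted(weak)) if weak else "ok"
        print(f"port {port}: protocols={shown} -> {status}")
```

To audit a real installation, pass the contents of conf/server.xml to audit_connectors() instead of the constructed sample. After restarting Tomcat, confirm the result on the wire as well: an `openssl s_client -connect <host>:8443 -tls1` (or `-tls1_1`) handshake should now fail, while `-tls1_2` should succeed; note that some recent OpenSSL builds are compiled without TLS 1.0/1.1 support and cannot perform the negative check.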