A Nessus scan detected TLS1.0 was enabled on Helpdesk connector port 8443
Release : 4.2 CU4
Component : Service Operations Insight (SOI) Manager
- Open \SOI\nimServer\conf\server.xml
Update below cipher and sslProtocol as you see (just the ciphers and sslprotocol section) and save the file
maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
keystoreFile="${catalina.home}/conf/ssa.jks"
keystorePass="catalyst"
ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA22_POLY1305, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_SHA384, TLS_DHE_RSA_WITH_AES_128_SHA256"
clientAuth="false" sslProtocol="TLSv1.2" />
- Restart the "CA_NIM_HelpDesk_Server(tomcat)" service on your SOI manager