We no longer see expected ExcludeCipherSuites entries in the jetty-ssl-context.xml file on CAPC.
search cancel

We no longer see expected ExcludeCipherSuites entries in the jetty-ssl-context.xml file on CAPC.

book

Article ID: 204581

calendar_today

Updated On:

Products

CA Infrastructure Management CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

Getting ready for a security scan and we no longer see the expected security entries we added previously to  

*/PerformanceCenter/jetty/etcjetty-ssl-context.xml

Environment

Release : 3.7.14 and up

Component : IM Reporting / Admin / Configuration

Cause

Starting in 3.7.14, we use a different file for these values:

*/PerformanceCenter/jetty/etc/ssl-lucky13.xml

And it is set to include only the desired settings by default.

Resolution

You can edit the

*/PerformanceCenter/jetty/etc/ssl-lucky13.xml

You can either choose to exclude ones turned on by default, or using IncludeCiphers, it overrides the defaults.

Additional Information

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/performance-management/20-2/administrating/single-sign-on/set-up-https/enable-performance-center-to-use-ssl-manually/configure-performance-center-to-use-https.html

 

Powered by Wolken Software