Force TLS 1.2 and disable TLS 1.0, 1.1 and 1.3 for DLP Detection/Prevent servers
book
Article ID: 206991
calendar_today
Updated On:
Products
Data Loss Prevention Network Prevent for EmailData Loss PreventionData Loss Prevention Network EmailData Loss Prevention Network Monitor and Prevent for Email
Issue/Introduction
Disable TLS 1.0, 1.1, 1.3 and only use TLS 1.2 on DLP detection servers.
Environment
Release: DLP 15.8, 16.0.0, 16.0.1 (RU1).
Cause
Deprecation of TLS 1.0 and 1.1.
TLS 1.3 is not yet supported.
Resolution
In the java.security file, add TLSv1, TLSv1.1 and TLSv1.3 to the "jdk.tls.disabledAlgorithms" line.