Does Spectrum OneClick support TLS 1.3 version?
search cancel

Does Spectrum OneClick support TLS 1.3 version?


Article ID: 233426


Updated On:


CA Spectrum DX NetOps


From which Spectrum Version can OneClick use TLS 1.3?


Release : 10.4.x, 20.2.x, 21.2.x

Component : Spectrum OneClick


From the Broadcom Communities thread

TLS 1.3 was only supported in Java 11.  But seeing it may have been back ported to Java 8 in 8u262-b10 from AdoptOpenJDK
Spectrum uses Apache Tomcat as a webserver.  It appears Spectrum 10.4.3 ships OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_275-b01).  So if you are running 10.4.3+, you might be able to enable TLS1.3.  

From Spectrum 21.2.x documentation, the communication between OneClick and Spectrum application uses TLS 1.3 by enabling the secure CORBA. Refer to:

From 21.2.1, use Secure CORBA (TLS) for DX NetOps Spectrum  Communication
By default, the value is set to No.  DX NetOps Spectrum  applications like SpectroSERVER, ArchMgr, and LocServer daemons listen to connections on the existing CORBA 14002,14003 & 14004 ports along with secure CORBA  14012,14013 and 14014 ports.
No:  Indicates security is disabled. The OneClick server establishes insecure communication with the DX NetOps Spectrum  applications.
Yes:  Indicates secure communication between the OneClick server and the DX NetOps Spectrum  applications using TLS v1.3 authentication.