How to find services which are using TLS1.0 and/or TLS1.1?
search cancel

How to find services which are using TLS1.0 and/or TLS1.1?

book

Article ID: 235071

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Is there any way to find all web services (inbound and outbound) using TLS1.0 and TLS1.1, which are passing through the Layer7 security gateway?

Environment

All supported versions of the API Gateway

Resolution

  • To identify which Policy or service is using TLS, you can try some basic queries like below :
    • mysql> use ssg;
    • mysql> select name from policy where xml like '%L7p:TlsVersion stringValue="TLSv1.0"%';
    • mysql> select name from policy where xml like '%L7p:TlsVersion stringValue="TLSv1.1"%';
  • As an alternative, from a Linux terminal you can  run :
    • mysql -e "use ssg;select * from policy;\G;" > policy_TLS_search_out.txt
    • Then check into the resultant policy_TLS_search_out.txt file and look for the policy/service name that is using the TLS version