List services which are using TLS1.0 and/or TLS1.1
search cancel

List services which are using TLS1.0 and/or TLS1.1

book

Article ID: 235071

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Is there any way to find all web services(inbound and out bound both) which are using TLS1.0 and TLS1.1 ,which are passing through the Layer7 security gateway ,any log file where we can get this details

we are planning to disable all TLS1.0/1,1 in our environments  so we to find out which applications are still using these TLS1.0 and 1.1

 

 

Environment

Release :

Component :

Resolution

1. Primary log to look at is  /opt/SecureSpan/Gateway/node/default/var/logs/ssg_0_0.log 

2. To identify which Policy or service is using TLS , you can try some basic queries like below :

mysql> use ssg;

mysql> select name from policy where xml like '%L7p:TlsVersion stringValue="TLSv1.0"%';

mysql> select name from policy where xml like '%L7p:TlsVersion stringValue="TLSv1.1"%';

3. As alternative, from linux terminal you can  run :

mysql -e "use ssg;select * from policy;\G;" > policy_TLS_search_out.txt

then check into the resultant policy_TLS_search_out.txt file which policy/service is using TLS version 

 

Powered by Wolken Software