Qualys vulnerability scans report that the Autosys Web Server or WebUI (WCC) server on port 9443/8443 allow weak SSL/TLS Key Exchanges
Workload Automation AE (AutoSys)
<Connector SSLEnabled="true" acceptCount="100" ciphers="ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" clientAuth="false" keystoreFile="/opt/CA/WorkloadAutomationAE/autouser.ACE/webserver/conf/.keystore" keystorePass="changeit" keystoreType="BCFKS" maxThreads="400" port="9443" protocol="org.apache.coyote.http11.Http11NioProtocol" relaxedQueryChars="|<>" scheme="https" secure="true" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2"/>
Note: the above whole content is in just one line
<Connector SSLEnabled="true" URIEncoding="UTF-8" acceptCount="100" ciphers="ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"
clientAuth="false" compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-javascript,application/javascript,application/json" compression="on" disableUploadTimeout="true" enableLook
ups="false" keyAlias="tomcat" keystoreFile="/opt/CA/WorkloadAutomationAE/wcc/data/config/.keystore" keystorePass="changeit" maxThreads="150" minSpareThreads="25" port="8443" protocol="HTTP/1.1" scheme="https" secure="
true" server="WCC" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" useSendfile="false"/>