CA APM - TLSv1.0 and TLSv1.1 and ports 8443 and 5443 gives vulnerability
search cancel

CA APM - TLSv1.0 and TLSv1.1 and ports 8443 and 5443 gives vulnerability

book

Article ID: 403369

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope)

Issue/Introduction

CA APM - TLSv1.0 and TLSv1.1 and  ports 8443 and 5443 gives  vulnerability:

QID 38794 Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Supports Transport Layer Security (TLSv1.1) , TLSv1.1 is supported# [Port 5443]

Environment

CA APM 10.8 SP1

Cause

Environment Issue

Resolution

Enabling introscope.enterprisemanager.webserver.jetty.configurationFile=em-jetty-config.xml on the IntroscopeEnterpriseManager.properties and Force the TLSv1.3 on  em-jetty-config.xml

<Set name="includeProtocols">
  <Array type="java.lang.String">
    <Item>TLSv1.3</Item>
  </Array>
</Set>

Helped resolve the vulnerability messages.  

Powered by Wolken Software