Does CA Spectrum OneClick support TLSv1.1 and TLSV1.2
search cancel

Does CA Spectrum OneClick support TLSv1.1 and TLSV1.2

book

Article ID: 57357

calendar_today

Updated On:

Products

Spectrum

Issue/Introduction

Does CA Spectrum OneClick support TLSv1.1 and TLSV1.2?

Environment

Release: Spectrum 10.x

Resolution

JRE 1.7 update 51 was officially supported started with Spectrum 09.03.00.00. With the support of JRE 1.7, CA Spectrum OneClick can be configured to use TLSv1.1 and TLSv1.2. For example, the $SPECROOT/tomcat/conf/server.xml file on the OneClick system can be configured as follows:

 

<Connector

           port="443" minProcessors="5" maxProcessors="75"

           enableLookups="true" disableUploadTimeout="true"

           acceptCount="100" debug="0" scheme="https" secure="true" SSLEnabled="true"

           clientAuth="false" sslProtocol="TLS"

           sslEnabledProtocols="TLSv1.1,TLSv1.2"

           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"                         

           keystoreFile="<SPECROOT>/custom/keystore/cacerts"

           keystorePass="changeit">

  </Connector>

Powered by Wolken Software