Salesforce

SDL WorldServer - How do I enable TLS 1.1/1.2?

« Go Back
Information
SDL WorldServer - How do I enable TLS 1.1/1.2?
000005781
The protocol type is specified in the Tomcat conf folder and in the server.xml file.
WorldServer any version/Tomcat
How do I enable TLS 1.1/1.2 on WorldServer?
The protocol type is specified in the Tomcat conf folder and in the server.xml file. This file can be found on the server where WorldServer is installed and under this directory:

<WS_Home>\ tomcat\conf\ server.xml 

The default is: 

sslProtocol="TLS" 

Instead, you can try using 

sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" 

Once you have made this change to the server.xml file, a WorldServer restart is required for the change to take effect.

You might also need to add this parameter

-Dhttps.protocols=TLSv1.1,TLSv1.2

using the tomcat launcher config. In Worldserver 10.x the executable is called idiomRunw.exe located in your ....\tomcat\bin folder.

In SDL WorldServer 11.x the file is called tomcat8w.exe.

Once launched you click on the JAVA tab and you then put your parameters in the Java options section.

In following articles:

How to change the Java Heap Memory in WorldServer 10.4.5. and later

Tuning performance of SDL WorldServer 10.4.4. and earlier version by changing the Java max Heap settings

changing your Java heap space is documented. Changing the parameter to include

-Dhttps.protocols=TLSv1.1,TLSv1.2

goes into the same location (Java Options field) described in the articles.


 
These internet articles might be relevant as reference (SDL has not written these articles):

https://access.redhat.com/solutions/1232233 
http://askubuntu.com/questions/537293/how-do-i-disable-sslv3-in-tomcat 
Attachments
 
 
 
 
 

Powered by