How to disable specific TLS protocols in Applications Manager

Document ID : KB000107026
Last Modified Date : 18/07/2018
Show Technical Document Details
Introduction:
Disabling specific protocols forces client to server connections to use less vulnerable or only use a specific TLS protocol such as TLS 1.2.
Question:
How do I disable specific TLS protocols in Applications Manager for the Automation Engine(master), Remote Agent, and Java Web Clients
Answer:
TLS protocols can be disabled by editing Java's java.security file and adding the TLS protocal that you want to disable to the below variable line. Please note this was tested and verified on Java 8.

Master's java.security:
jdk.tls.disabledAlgorithms=

Agent's java.security:
jdk.tls.disabledAlgorithms=

Client's java.security:
jdk.tls.disabledAlgorithms=

Example:
jdk.tls.disabledAlgorithms=TLSv1, TLSv1.1, SSLv3, RC4, MD5withRSA, DH keySize < 768, \
EC keySize < 224