Steps to enable the SSL 3.0 and TLS 1.0 protocols

Note

If you enable SSL 3.0 and TLS 1.0 -- for compatibility or any other reason -- you thereby make your application vulnerable to the serious threats against which TLSv1.1 and TLSv1.2 provide protection.

To enable the SSL 3.0 protocol for Tools and Frameworks, follow these steps:

  1. Open server.xml at %ENDECA_TOOLS_ROOT%\server\workspace\conf.

  2. Change sslEnabledProtocols to sslEnabledProtocols="SSLv3.0" in the SSL connector. 

    <Connector port="8443" SSLEnabled="true"
		 protocol="org.apache.coyote.http11.Http11Protocol"
		 maxPostSize="0"
		 maxThreads="150" scheme="https" secure="true"
		 clientAuth="true" sslEnabledProtocols="SSLv3"
		 keystoreFile="cert.ks" keystorePass="eacpass"
		 truststoreFile="ca.ks" truststorePass="eacpass"
		 URIEncoding="UTF-8"

  3. Open java.security file in %ENDECA_TOOLS_ROOT%/server/j2sdk/jre/lib/security.

  4. Uncomment the jdk.tls.disabledAlgorithms property and disable all other protocols except SSLv3 "jdk.tls.disabledAlgorithms=TLSv1, TLSv1.1, TLSv1.2".

  5. Restart the Tools and Frameworks server.

To enable the TLS 1.0 protocol, follow these steps:

  1. Open server.xml at %ENDECA_TOOLS_ROOT%\server\workspace\conf.

  2. Change sslEnabledProtocols to sslEnabledProtocols="TLSv1" in the SSL connector. 

    <Connector port="8443" SSLEnabled="true"
		 protocol="org.apache.coyote.http11.Http11Protocol"
		 maxPostSize="0"
		 maxThreads="150" scheme="https" secure="true"
		 clientAuth="true" sslEnabledProtocols="TLSv1"
		 keystoreFile="cert.ks" keystorePass="eacpass"
		 truststoreFile="ca.ks" truststorePass="eacpass"
		 URIEncoding="UTF-8"

  3. Open java.security file in %ENDECA_TOOLS_ROOT%/server/j2sdk/jre/lib/security.

  4. Uncomment the jdk.tls.disabledAlgorithms property and disable all other protocols except TLSv1: 

    jdk.tls.disabledAlgorithms=SSLv3, TLSv1.1, TLSv1.2

  5. Restart the Tools and Frameworks server.

Copyright © Legal Notices