Hi,
I have a web application using Tomcat which is SSL configured and is currently using TLSv1 and TLSv1.1, and I need to reconfigure it so it uses TLSv1.2.
Java version 1.8, Tomcat version 8.5
The current connector code in the server.xml file is working fine (https://URL is working fine)
1. On checking the server.xml the connector port is defined as:
<Connector port="8443" protocol="HTTP/1.1" connectionTimeout="20000" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystorePass="xxx" keystoreFile="xxx" maxThreads="150" minSpareThreads="25" acceptCount="100" enableLookups="false"/>
2. To reconfigure the tomcat to use TLSv1.2 we need to change the above code to:
<Connector port="8443" protocol="HTTP/1.1" connectionTimeout="20000" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" sslEnabledProtocols="TLSv1.2" keystorePass="xxx" keystoreFile="xxx" maxThreads="150" minSpareThreads="25" acceptCount="100" enableLookups="false"/>
Steps to perform this change:
1. Stop tomcat
2. Make the above code changes in the config file.
3. Restart the tomcat.
4. Test the URL
Also, is there a way to verify if the protocol is using TLSv1.2 version only? Please note, we cannot install any 3rd party tool or utility to check this on the server due to client restrictions.
Thanks!
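
Added example (not part of the original post): one way to check which protocol versions the connector accepts using only the Java 8 runtime already on the server, by offering exactly one TLS version per handshake. The class name `TlsProbe`, the default host `localhost` and the 5-second timeout are assumptions; port 8443 is taken from the connector above.

```java
import javax.net.ssl.*;
import java.io.IOException;
import java.security.Security;
import java.security.cert.X509Certificate;

public class TlsProbe {
    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "localhost"; // assumption: run on the Tomcat host
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 8443;

        // Recent Java 8 updates disable TLSv1/TLSv1.1 on the client side as well.
        // Clear that restriction for this JVM only, before JSSE initialises, so the
        // probe can actually offer the old versions instead of failing locally.
        Security.setProperty("jdk.tls.disabledAlgorithms", "");

        // Probe only: accept any certificate, since this tests protocol versions, not trust.
        TrustManager[] trustAll = { new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) {}
            public void checkServerTrusted(X509Certificate[] chain, String authType) {}
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        }};
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustAll, null);

        for (String proto : new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"}) {
            try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket(host, port)) {
                s.setSoTimeout(5000);
                s.setEnabledProtocols(new String[] { proto }); // offer exactly one version
                s.startHandshake();
                System.out.println(proto + ": ACCEPTED, negotiated " + s.getSession().getProtocol());
            } catch (IllegalArgumentException e) {
                // The local JVM itself cannot speak this version, so nothing was tested.
                System.out.println(proto + ": not supported by this JVM");
            } catch (IOException e) {
                // Handshake refused (or connection failed); the exception type tells which.
                System.out.println(proto + ": REJECTED (" + e.getClass().getSimpleName()
                        + ": " + e.getMessage() + ")");
            }
        }
    }
}
```

Assuming a JDK (`javac`) is available, compile with `javac TlsProbe.java` and run `java TlsProbe localhost 8443`. With `sslEnabledProtocols="TLSv1.2"` in effect, TLSv1 and TLSv1.1 should be reported as REJECTED and TLSv1.2 as ACCEPTED.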