0 Replies Latest reply on May 29, 2018 11:27 AM by abhimanyu kumar

    how to disable ssl and use only tlsv1.2 in jboss-eap-6.4

    abhimanyu kumar Newbie

      Hi ,

       

      I am using jboss-eap-6.4 and have deployed web services, My requirement is to stop handshaking for all the client making a request to my services with ssl protocol because mu application is currently deployed with tlsv1.2.

       

      I am mentioning the standalone-full.xml configuration , jvm configuration  and jdk configuration here---

       

      please help if i am doing anything wrong or anymore setting is needed .

       

      1. JVM parameter-

         JAVA_OPTS="$JAVA_OPTS -Dhttps.protocols=TLSv1.2"

         JAVA_OPTS="$JAVA_OPTS -Djdk.tls.client.protocols=TLSv1.2"

         JAVA_OPTS="$JAVA_OPTS -Dsoapui.https.protocols=TLSv1.2"

       

      2. standalone-full.xml parameter-

      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true" max-connections="300">

        <ssl name="https" password="mdmitst" certificate-key-file="/local/apps/java_server/engines/jboss/jboss-eap-6.4/mdmws/configuration/mdmitst.jks" protocol="TLSv1.2" verify-client="false" ca-certificate-file="/local/apps/java_server/engines/jboss/jboss-eap-6.4/mdmws/configuration/mdmwsserver.truststore" ca-certificate-password="mdmtrn"/>

      </connector>

      3. jdk configuration -(java/jdk1.7.0_79/jre/lib/security)

        jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

       

      After doing all these, still my client having protocol ssl is able to connect my application.

      Note (we have not made any hard code change in code to allow ssl).

       

      Thanks in advance.