CA Service Management

Expand all | Collapse all

Configure Tomcat for TLSv1.2 on CA SD 14.1

  • 1.  Configure Tomcat for TLSv1.2 on CA SD 14.1

    Posted 01-18-2019 07:10 AM



    We have a tomcat server v7.0.23, and we want to parameter it only for TLS1.2.


    But after following several tutorials (modifying server.xml, adding options at the start of tomcat, ...) but nothing works.
    We're still in TLSv1.0.


    Is there any trick to activate TLSv1.2 on tomcat ?

  • 2.  Re: Configure Tomcat for TLSv1.2 on CA SD 14.1

    Broadcom Employee
    Posted 01-18-2019 06:26 PM

    A connector entry like mentioned here might help, assuming the Tomcat/Java version that you are using does support TLS 1.2


    Enable SSL in Tomcat for CA Service Desk Manager u - CA Knowledge 


    <Connector SSLEnabled="true" 


    clientAuth="false" keystoreFile="C:\keystore\sdmcert.pfx" 

    keystorePass="YOURPASSWORD" keystoreType="PKCS12" 

    maxThreads="150" port="8443" protocol="HTTP/1.1" scheme="https" secure="true" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" sslProtocol="TLS"/>



  • 3.  Re: Configure Tomcat for TLSv1.2 on CA SD 14.1

    Posted 03-01-2019 06:59 AM


    This configuration does not change the protocol used, which will always be TLS V1.0, even if I only sslEnabledProtocols="TLSv1.2".