Enabling and disabling TLS protocols

By default, all TLS protocols in OnCommand Workflow Automation are enabled. If you wish to restrict TLS protocols for security reasons, you can enable or disable them.

About this task

You can enable or disable TLS protocols for the following versions:

Steps

  1. Find the standalone-full.xml file in the following location: WFA_install_location\WFA\jboss\standalone\configuration
  2. Add the following protocol configuration:
    <https-listener name="https" socket-binding="https"max-post-size="1073741824" security-realm="SSLRealm"enabled-cipher-suites="TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
    enabled-protocols="TLSv1.1,TLSv1.2"/>
  3. Restart the WFA server.