One of our ISD application web service consumers has said they just disabled TLS 1.0 on their side and can no longer access the secure web services we host using ISD.
Does that mean that ISD 11.3.1.2 only has TLS 1.0 enabled out of the box? We are being asked to switch to TLS 1.2, which I thought ISD already supported out of the box. But now, not so sure. Seems like it should since TLS 1.2 was defined 10 years ago in 2008.
_________________
Choose a job you love, and you will never have to work a day in your life. - Confucius
_________________ IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
My coworker was able to resolve this on 11.3 with an all-encompassing dynamic setting change in WAS (no WAS restart required)!
11.3 has SSL_TSL which supports all SSL and TLS 1.0, but not TLS1.2.
11.7 has SSL_TLSv2, which supports all SSL and TLS variants.
For WebSphere Network Deployment:
In WebSphere administration console,
Navigate to:
Security -> SSL certificate and key management ->SSL configurations ->IISSSL Configuration -> Quality of Protection (QoP) settings
Update Protocol from SSL_TLS to SSL_TLSv2 and click OK, and Save.
Navigate to:
Security -> SSL certificate and key management ->SSL configurations ->NodeDefaultSSL Settings -> Quality of Protection settings
Update Protocol from SSL_TLS to SSL_TLSv2 and click OK, and Save.
_________________
Choose a job you love, and you will never have to work a day in your life. - Confucius
Thanks for that info!! This makes sense --- in the end, what ISD is doing is deploying, on your behalf, a normal WAS enterprise application, with all its required bits (EAR, etc.). ....WAS has a w ...
Add To Favorites View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
