...
Code Block |
---|
clientSocketTlsVersion= TLSv1.0:TLSv1.1:TLSv1.2
clientSocketCiphers=TLS_RSA_WITH_AES_256_CBC_SHA256 |
...
To configure web application monitoring, add a list of allowed TLS versions and ciphers in uptime.conf using clientHttpCiphers
, clientHttpTlsVersion
, and ':' as delimiter, for example:
...
Code Block |
---|
clientHttpTlsVersion=TLSv1.0: TLSv1.1:TLSv1.2 |
For a full list of supported ciphers, see the Java SE 7 column of the Default Enabled Cipher Suites table in http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html.
...
To enable specific SSL/TLS versions, you first must disable all other possible versions. For example, to enable only TLSv1.2, add the following code to uptmagnt.conf:
Code Block |
---|
options = NO_SSLv2 options = NO_SSLv3 options = NO_TLSv1 options = NO_TLSv1.1 |
...
Review the following example of uptmagnt.conf with a specific TLS version and cipher:
...