Configuring the Apache Tomcat server to support TLS 1.2

To comply with the US government SP 800-131 security standard, you can configure the Apache Tomcat server that hosts the HP adapter application to support the Transport Layer Security (TLS) 1.2 protocol.

About this task

You edit the server startup file to add TLS 1.2.

Procedure

  1. Go to HPInstallDir/server and open the server.startup file for editing.
  2. In the file, find the section that starts with set JAVA_OPTS=%JAVA_OPTS% on Windows systems or JAVA_OPTS="$JAVA_OPT on UNIX systems, and add the following lines:
    -Dcom.ibm.oslc.qm.adapter.hpqc.transport.client.protocol=TLSv1.2
    -Dcom.ibm.jsse2.sp800-131=strict
  3. Save and close the file.

Results

You added TLS 1.2 to the server startup file.

What to do next

If you cannot access the adapter from the browser after you change the SSL protocols to TLS 1.2, the browser might not be configured to support the protocol or does not support the protocol. For information about configuring browsers to support TLS 1.2, see Configuring browsers to support TLS 1.2.

Feedback