ALM TLS Compliance?

Question ID: 109274
1
0

I was informed that the TLS Bridge for our DEV ALM application server will be targeted (via deployment) tonight to disable TLS 1.0 & 1.1 and enable TLS 1.2 followed by a reboot.

Are there any known issues that can occur? I plan to validate normal ALM UI & Site Admin functionality but is there anything else you can suggest I check/confirm/test?

Marked as spam
Posted by (Questions: 176, Answers: 12)
Asked on February 4, 2020 12:58 pm
13 views
Answers
1
Private answer

Is your ALM server using HTTPS? (e.g. you get to that ALM instance with a URL like "https: // mySecureServer:8443 / qcbin").

When using HTTPS/SSL with ALM/QC, the Default HTTPS settings are the older TLS 1.0 and 1.1 with SSL3.

In the QC/ALM Install Guide (12.53 and later), there is a section called "Use TLS 1.2 instead TLS 1.1, TLS 1.0 or SSLv3", it tells you how to alter the jetty-ssl.xml file to disable the older protocals and enable the newer TLS 1.2. Do that then cycle the ALM service.

If you are NOT using HTTPS, but instead are using HTTP (e.g. "http: // myInSecureServer:8080 / qcbin", the TLS settings on the server are irrelevant.

Marked as spam
Posted by (Questions: 3, Answers: 447)
Answered on February 4, 2020 1:04 pm