Stronger SSL options with ALM and SSL/TLS?
| ♥ 0 |
Our scanner has found that ALM is running SSL with weak protocols and ciphers such as SSL Version 2 and 3 Protocol Detection, SSL 64-bit Block Size Cipher Suites Supported (SWEET32) and SSL RC4 Cipher Suites Supported (Bar Mitzvah). How can we edit the configuration to fix these 3 items. Our tool says to "Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support."
Marked as spam
|
Posted by |
Private answer
HPE/Microfocus does NOT recommend attempting to change the SSL/TLS protocols or ciphers directly under ALM. Currently, the ALM versions which support (limited support) TLS 1.2 are ALM 12/50 Patch 5 and 12.55 however these versions have some limitations: (see below from 12.50-P5/12.55 Readme) ++++++++++++ 12.50 P5 and 12.55: * Lab Host: Lab Host is not supported when ALM is configured with TLS 1.2. * ALM Webgate Customization tool: If an external tool (e.g., UFT, Load Runner, Business Views Excel reports) is using the ALM Webgate Customization tool, TLS 1.2 is not supported when logging in to ALM. * Excel add-in: .NET 4.5 is a prerequisite for working with TLS 1.2. ++++++++++++ Therefore, regrettably there is not yet any ALM version which has full support for TLS 1.2. Marked as spam
 Posted by pt-barnum (Questions: 4, Answers: 509) Answered on December 19, 2017 6:53 pm
|