Disabling SSL protocol versions for junctions
About this task
You can optionally disable one or more SSL protocol versions for junction connections. By default, SSL v2, SSL v3, and TLS v1.3 are disabled. All other supported SSL versions are enabled. The WebSEAL configuration file provides the following entries by default:
[junction]
disable-ssl-v2 = yes
disable-ssl-v3 = yes
disable-tls-v1 = no
disable-tls-v11 = no
disable-tls-v12 = no
disable-tls-v13 = yesNote: When TLS version 1.3 is enabled, SSLv2 and SSLv3 are disabled regardless of
their configuration in accordance with RFC 8446 The Transport Layer Security (TLS) Protocol Version
1.3.
Procedure
To disable an SSL protocol version for
junctions, set the
corresponding entry to
yes.