Server SSL Configuration

By default, the Universal Messaging server supports the following SSL/TLS protocols for secure inbound and outbound communication:

• TLS 1
• TLS 1.1
• TLS 1.2
• TLS 1.3

You can configure the SSLProtocols server parameter to define which TLS versions the server is allowed to use. If the client attempts to use a version that is not defined in SSLProtocols, the connection will fail. The value of the parameter is a comma-separated list of TLS protocols. The default value is TLSv1,TLSv1.1,TLSv1.2,TLSv1.3.

You configure the parameter in the Server_Common.conf file in the Software AG_directory\UniversalMessaging\server\instance_name\bin directory. For example, to specify only TLS 1.2 and 1.3 as allowed protocols, type the following:

wrapper.java.additional.n=-DSSLProtocols=TLSv1.2,TLSv1.3

where n is a unique positive integer.