Configuring Engineering Lifecycle Management with TLSv1.2 and TLSv1.3

Edit online

You can enable TLS 1.2 and TLS 1.3 to secure the Engineering Lifecycle Management server.

About this task

To configure the WebSphere® Liberty server server to enable TLSv1.3 along with TLSv1.2 (non-strict mode), or only TLSv1.3.

Note: TLSv1.3 is enabled by default for the embedded WebSphere Liberty server. Hence, no additional configuration is required to enable TLSv1.3 for the embedded WebSphere Liberty server.
Perform the following steps to configure Engineering Lifecycle Management with TLSv1.2 and TLSv1.3 for separately installed WebSphere Liberty server.

Procedure

  1. Open the server.xml file from the <JazzInstallDir>/server/liberty/servers/clm directory.
    Important: You must start the Engineering Lifecycle Management serve at least once to generate the clm directory.
  2. In the <ssl id="defaultSSLConfig" section, change the sslProtocol attribute to sslProtocol="TLSv1.3,TLSv1.2".
  3. Save an close the server.xml file.
  4. Restart the Engineering Lifecycle Management servers.