SSL Protocol Configuration
In versions prior to TDV 7.0.8, TDV and Business Directory were configured to use only TLSv1 as the SSL protocol.
TDV 8.2 and above now use Java 11 which defaults to TLS v1.3.
If you want to make additional restrictions for SSL protocols then follow the next steps for configuration.
TDV
1. Start TDV Server and launch the TDV Studio.
2. In the TDV Studio client, open the Administration > Configuration dialog and search for "Disabled Protocols for SSL Connectors”.
3. The default TDV value for “Disabled Protocols for SSL Connectors” is “SSLv2Hello, SSLv2, SSLv3”. Other valid values are “TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, DTLSv1.0, DTLSv1.2”.
4. Restart the TDV Server.
TDV Business Directory:
1. Start Business Directory server.
2. To make changes on server configuration, you may use rest api with your own tool. Using CURL, the call will look like:
curl -X PUT -u admin:<Business Directory admin password> "https://<Business Directory IP>:9502/rest/v2/configs/_server_communications_sslProtocolsToRemove" -d "value=SSLv2Hello,SSLv2,SSLv3"
Note: the api document is available at https://<TDV Business Directory IP>:9502/directory/api-docs/#!/configs/setValue
3. The default TDV value for “Disabled Protocols for SSL Connectors” is “SSLv2Hello, SSLv2, SSLv3”. Other valid values are “TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, DTLSv1.0, DTLSv1.2”.
4. Restart the Business Directory server.