How do you disable TLS 1.0 and 1.1 in WebAccess on Windows?

  • 7023794
  • 26-Mar-2019
  • 26-Mar-2019

Environment

GroupWise 18

Situation

Customers would like to be able to disable TLS 1.0 and 1.1 for WebAccess in GroupWise on Windows.  

Resolution

To do this, the TLS version directives are the server.xml file located in c:\Novell\GroupWise\Tomcat\conf.  The section should read like this:

    <Connector port="443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
   maxThreads="150" SSLEnabled="true" >
    <UpgradeProtocol
className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig protocols="TLSv1.2">
    <Certificate
certificateKeyFile="<path_to_key_file>"
certificateFile="<path_to_crt_file"
certificateChainFile="<path_to_cert_chain_crt_file>"
type="RSA" />
    </SSLHostConfig>

The certificateKeyFile, certificateFile and certificateChainFile paths all need to be what the correct path is for the server in question.
    </Connector>