Article - CS304124
Configuring Apache Tomcat to use specific versions of TLS for ThingWorx Platform
Modified: 16-Oct-2024
Applies To
- ThingWorx Platform 8.0 F000 to 9.6
Description
- Configuring ThingWorx to only use TLS 1.2 on Windows, RHEL, and Ubuntu
- Restrict TLS version to TLS 1.2 on Apache Tomcat
- Disable ciphers for TLS 1.1 and TLS 1.0 in ThingWorx Platform
- Security scan on servers which checks for any vulnerabilities, reports that TLSv1.0 is enabled
- Leaving TLS 1.0 and/or TLS 1.1 enabled is considered a security vulnerability and needs to be mitigated
- Clients should be able to form unsecured connections with ThingWorx Platform
- Disabling TLS 1.0 and 1.1 is not working as expected, clients can still form connections with these protocol versions
- What is the recommended TLS version for ThingWorx
- How to reconfigure ThingWorx Foundation instance from HTTP connection to HTTPS connection
This is a printer-friendly version of Article 304124 and may be out of date. For the latest version click CS304124