Disable TLS v1.0, TLS v1.1 and all weaker ciphers on TLS v1.2 on UX

Hi all,

We have a requirement to disable TLS v1.0, TLS v1.1 and all weaker ciphers on TLS v1.2 on Apliqo UX, I understand we may need to modify the configurations on tomcat.

However, what I do not understand is:

  1. What exactly do I need to modify? I have searched many websites and each seems saying different things and I am pretty clueless of what is correct and what is wrong.
  2. When there is an upgrade of Apliqo UX in the future, do I need to re-apply all these settings all over again? It seems to be quite painful already doing the research and I don’t feel like doing this again.

Thanks a lot in advance.


Hi Tat,

I would first refer to the official documentation.

Where you define the SSL connector is where you would need to configure the TLS version.

Another useful thread to look at:

<Connector port="8443" 
 maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
 keystoreFile="ssl/.keystore" keystorePass="changeit"
 clientAuth="false" sslProtocol="SSL" sslEnabledProtocols="TLSv1.2" />