EUEM - How to prevent old SSL/TLS versions from being used in the web UI?

Version 2
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC Real End User Experience Monitoring - Software Edition


    COMPONENT:

    TrueSight Analyzer


    APPLIES TO:

    All versions of Real User Analyzer and Real User Collector from BMC Real End-User Experience Monitoring - Software Edition



    PROBLEM:

    BMC Real End-User Experience Monitoring - Software Edition (EUEM) components have a web server that use old SSL/TLS technologies.

    How can the old SSL/TLS technologies be removed so the web server so that communications to the web UI is more secure?


    SOLUTION:

    To remove the old SSL/TLS technologies for the Real User Collector, perform the following steps

       
    1. Locate the server.xml file in the following directory.      
           
      1. <Collector installation directory>/collector/apache-tomcat/conf/
      2.   
    2.  
    3. Make a backup copy of the file.
    4.  
    5. Edit the server.xml file. Look for the sslEnabledProtocols field.
    6.  
    7. Change the field value to remove the old SSL/TLS technologies: SSLv2Hello and TLSv1. The new field should look like this     
           
      1. sslEnabledProtocols="TLSv1.1,TLSv1.2"
      2.   
    8.  
    9. Save the file.
    10.  
    11. Restart the Real User Collector for the changes to take effect.
      
    To remove the old SSL/TLS technologies for the Real User Analyzer, perform the following steps  
       
    1. Locate the server.xml file in the following directory.      
           
      1. <Analyzer installation directory>/analyzer/apache-tomcat/conf/
      2.   
    2.  
    3. Make a backup copy of the file.
    4.  
    5. Edit the server.xml file. Look for the sslEnabledProtocols field.
    6.  
    7. Change the field value to remove the old SSL/TLS technologies: SSLv2Hello and TLSv1. The new field should look like this     
           
      1. sslEnabledProtocols="TLSv1.1,TLSv1.2"
      2.   
    8.  
    9. Save the file.
    10.  
    11. Restart the Real User Analyzer for the changes to take effect.

     


    Article Number:

    000167273


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles