What encryption protocols/versions are supported with HTTPS Web User interface (TLS 1.1 or TLS 1.2)

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC Performance Manager Portal


    COMPONENT:

    BMC PM Portal



    PROBLEM:

    The documentation states that the Portal User Console can be accessed through HTTPS, but it does not detail what encryption protocol version is used (SSL 3.0, TLS, 1.1 or TLS 1.2). Does Portal support TLS 1.2?

     


    CAUSE:

    Updated Security Scans call for disabling TLS 1.0 so many users are seeking support for TLS 1.2


    SOLUTION:

    BMC has provided a patch which will allow the Portal Appserver/Webserver/RSMs to use TLS 1.2 to communicate.

    To install the patch against the Appserver/Webserver/RSMs, follow the installation instructions in the readme file contained in the patch file:

      readme_BPM_patch_2.11.00.000.013.txt 
      



    If newly installed RSMs with TLSv1.2 are subsequently added follow these steps at the time:  
      1) Install new RSM.

    2) Install the 013 patch manually on RSM.

         ftp://ftp.bmc.com/pub/BPMPortal/Patches/2.11/BPM_patch_2.11.00.000.013.zip
      
      a) Copy RSM_Patch folder from BPM_patch_2.11.00.000.013.zip folder to RSM server. 
      
     
    b) On RSM Server navigate to this location "%RSM_HOME%\RSM211\tools\jdk\bin" and open command prompt at this location.  
     
    c)And execute the following command 
      
      java.exe -jar C:\rsm_jar\RSM_Patch_Files_2.11.00.000.013.jar 
      
      where "C:\rsm_jar\RSM_Patch_Files_2.11.00.000.013.jar"-->is the location of the RSM jar from RSM_Patch folder 
      
    Now 013 patch is installed manually. 

    3) Make this following changes in RSM  
      a) Edit %RSM_HOME%\RSM211\server\rsm\conf\properties\rsm\rsmcfg.properties and add line ( If not exists)  
    com.bmc.patrol.patsdk.communication.payload.transport.ssl.protocol=TLSv1.2  
     
    b) Edit %RSM_HOME%\RSM211\server\rsm\conf\properties\rsm\rsm.properties  
    Add this. (If not exists)  
    #Following will be used when the HTTP Solution is used to monitor the URL. Default is TLS. Do not change it  
    #unless you read the documentation or BMC Support asks to do it.  
    patsdk-http-solution.ssl.protocol=TLS 
      
    4) Restart the RSM and you should see the newly added RSM in Portal. 

    5) If patch status for the RSM is not updated to 2.11.00.000.013, follow this steps.  
      a) Login to Portal database server and login to Portal database user  
           i.e. sqlplus pe/pe@bmcpds  
    b) Execute the following statement:-  
           update agent set patchstatus='UPGRADED' where patchversion='2.11.00.000.013';  
           commit;  
    c)Now you should able to see patch status updated to 2.11.00.000.013 patch in Portal UI.  

     


    Article Number:

    000133877


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles