0

My Security Team flagged us about "Vulnerability Assessment" and WSO2 port 9711 flagged still has TLS1.0, TLS1.1.

I Tried to remove TLS1.0, TLS1.1 for 9711 from deployment.toml and nothing happen, run the tools again still have TLS1.0, TLS1.1 for 9711.

We are using wso2am-3.1.0

WSO2 port 9711 using NMAP

deployment.Toml

How to disable TLS1.0 and TLS1.1 port 9711 in WSO2?

#data bridge config
[transport.receiver]
type = "binary"
worker_threads = 10
session_timeout = "30m"
keystore.file_name = "$ref{keystore.tls.file_name}"
keystore.password = "$ref{keystore.tls.password}"
tcp_port = 9611
ssl_port = 9711
ssl_receiver_thread_pool_size = 100
tcp_receiver_thread_pool_size = 100
ssl_enabled_protocols = ["TLSv1.2"]
ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]

ssl_enabled_protocols = ["TLSv1.0,TLSv1.1,TLSv1.2"] <= ACTUAL VALUE

ssl_enabled_protocols = ["TLSv1.2"] <= UPDATE VALUE

0 Answers0