Disable SSL protocol versions for junctions
We can optionally disable one or more SSL protocol versions for junction connections. By default, SSL v2, SSL v3, and TLS v1.3 are disabled. All other supported SSL versions are enabled. The WebSEAL configuration file provides the following entries by default:
[junction] disable-ssl-v2 = yes disable-ssl-v3 = yes disable-tls-v1 = no disable-tls-v11 = no disable-tls-v12 = no disable-tls-v13 = yesWhen TLS version 1.3 is enabled, SSLv2 and SSLv3 are disabled regardless of their configuration in accordance with RFC 8446 The Transport Layer Security (TLS) Protocol Version 1.3.
To disable an SSL protocol version for junctions, set the corresponding entry to yes.
Parent topic: SSL-based standard junctions