Logjam Vulnerability

In order to mitigate for the Logjam vulnerability, changes to the following configuration files are required:

CM1:

This only affects customers that have configured CM1 to use SSL. Please review the updated documentation on SSL here, specifically the protocols and ciphers attributes are added to /AppServer/server/rx/deploy/jboss-web.deployer/server.xml.

DTS:

Update \Percussion\Deployment\Server\conf\server.xml

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" keystoreFile="conf/.keystore" xpoweredBy="false" protocols="TLSv1,TLSv1.1,TLSv1.2" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"/>

Note that if you are using Staging, you will need to update the server.xml there as well.