The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

An XCCDF Rule

Description

<VulnDiscussion>Quality of Protection specifies the security level, ciphers, and mutual authentication settings for the Secure Socket Layer (SSL/TLS) configuration.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-95929r1_rule
Severity: Medium
References: CCI-000068
Updated: about 1 year ago

From the administrative console, navigate to Security >> SSL certificate and key management.

Click "SSL configurations".

Click on each SSL configuration.
Under "Additional Properties", click "Quality of protection (QoP)" settings.

At the "Protocol" pull-down menu, select "TLSv1.2 or greater".

Click "OK".

Click "Save".

Restart the DMGR and all the JVMs.

The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

Description

Remediation - Manual Procedure