Security Protocol List

A space-separated list of security protocols preceded by a dash (-) that are not used when connecting to AM. The following protocols are supported:

  • SSLv3

  • TLSv1

  • TLSv1.1

  • TLSv1.2 (Enabled)

  • TLSv1.3 (Enabled)

SSLv2 is always disabled, regardless of the setting.

This property is relevant to all Web Agents using OpenSSL libraries.

To change the default value, set an environment variable, AM_SSL_OPTIONS.

Default: -SSLv3 -TLSv1 -TLSv1.1

Property name

org.forgerock.agents.config.tls

Property aliases

org.forgerock.agents.config.tls (since 4.x)

Type

String

Bootstrap property

Yes

Required property

No

Restart required

No