Make the Internal FileCatalyst Webserver TLSv1.2 Complaint
Posted by Aly Essa, Last modified by Aly Essa on 01 October 2020 02:08 PM

Overview


The FileCatalyst Server is now configured to use TLSv1.2 for all data and control channel communications. These security settings are enabled and configured out of the box for any installation of v3.8.1 and newer.

We have received reports that our internal Grizzly web server is not secured using the same TLSv1.2 protocol. While our engineering team investigates this and fixes it for future builds our clients can use this article to manually configure the TLSv1.2 settings on the embedded Grizzly server.


Environment

FileCatalyst Server v3.8.1 and older.


Resolution

  1. Shut down the FileCatalyst Server and disconnect all Remote Admin applications.
  2. Open the java.security file located in the installation directory of the FileCatalyst Server.

    For Windows, the default path would be: C:\Program Files\FileCatalyst Server\jre\lib\security\java.security
    For Linux, the default path would be: /opt/utechsoft/server/jre/lib/security/java.security

  3. Search for jdk.tls.disabledAlgorithms and add the following to the existing block:

    jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

  4. Save your changes and restart the FileCatalyst Server service.