WBSP-AS-000160 – The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

Details

Quality of Protection specifies the security level, ciphers, and mutual authentication settings for the Secure Socket Layer (SSL/TLS) configuration.

Solution

From the administrative console, navigate to Security >> SSL certificate and key management.

Click ‘SSL configurations’.

Click on each SSL configuration.

Under ‘Additional Properties’, click ‘Quality of protection (QoP)’ settings.

At the ‘Protocol’ pull-down menu, select ‘TLSv1.2 or greater’.

Click ‘OK’.

Click ‘Save’.

Restart the DMGR and all the JVMs.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/U_IBM_WebSphere_Traditional_V9-x_V1R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-17(2)
CAT|II
CCI|CCI-000068
Rule-ID|SV-95929r1_rule
STIG-ID|WBSP-AS-000160
Vuln-ID|V-81215

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles