How do I disable TLS / SSL Security Algorithms in Tornado?

The enabled / disabled security (cryptographic) algorithms used by Tornado are controlled by the Java Virtual Machine (JVM). Certain algorithms (Such as older SSL and TLS methods) can be disabled in the JVM's security settings. For example, to only allow TLS 1.2 you can do the following:

  1. Create a file named security.properties adjacent to your tornado.war file.
  2. In security.properties, add the following line:
    jdk.tls.disabledAlgorithms=TLSv1, TLSv1.1, SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC
  3. Update your launch command of Tornado from:
    java ... -jar docmosisTornado.warto
    java -Djava.security.properties=security.properties ... -jar docmosisTornado.war
  4. Re-launch Tornado.

This setting adds additional restrictions to the active security algorithms Tornado uses.

Feedback

Invalid Input

Sorry, this field will only accept letters and numbers, and not special characters, to limit spam.

Sorry, this field will only accept letters and numbers, and not special characters, to limit spam.

Invalid Input

Applies To

Docmosis-Java Tornado Cloud
Version(s) - ALL -