Config: Disable TLS 1.0 / 1.1
How to run the EveryonePrint MobilePrint server software in a secure environment where older protocols are limited or prohibited.
Issue:
Y Soft customers want the freedom to completely disable TLS 1.0 / 1.1 protocols in the EveryonePrint MobilePrint server.
Resolution:
To effectively disable these protocols, please take the following steps:
- Stop running the EveryonePrint MobilePrint Web service
- Edit <eop-dir>\jre\lib\security\java.security
- Add this line at the end of the file: jdk.tls.disabledAlgorithms=TLSv1, TLSv1.1
- Save the file with the changes and restart the Web service
/EOP%20MobilePrint%20(Legacy)/mceclip0-1.png?width=500&height=197&name=mceclip0-1.png)
You can easily verify that TLS 1.0 and 1.1 are properly disabled by using the "sslscan" utility from SourceForge: SourceForge - SSLScan - Fast SSL Scanner
/EOP%20MobilePrint%20(Legacy)/mceclip1.png?width=500&height=187&name=mceclip1.png)