Disabling TLS 1.0 and 1.1 in Java 11
This article explains how to disable the TLS 1.0 and 1.1 protocols used by Java 11.
Oracle disabled the TLS 1.0 and 1.1 cryptographic protocols in Java 11 on April 20, 2021. It is recommended that you disable any enabled TLS 1.0 and 1.1 protocols in your on-premise installation of Java 11. This will provide more secure communication via TLS 1.2.
In addition, if you have any workflows that are using TLS 1.0 or 1.1 connections (e.g., DEP, VPP, and the App Store), it is recommended that you disable the TLS 1.0 and 1.1 protocols.
Disabling TLS 1.0 and 1.1 in Java 11 Manually for Only Jamf Pro
Disabling TLS 1.0 and 1.1 in Java 11 for Your Entire Environment Following Oracle's Instructions
This is a one-time change. The changes you make to the TLS settings will be retained when you upgrade Jamf Pro.
Disabling TLS 1.0 and 1.1 in Java 11 for Jamf Pro
This method disables TLS 1.0 and 1.1 for Jamf Pro and leaves TLS 1.2 as the only version enabled.
-Djdk.tls.client.protocols=TLSv1.2,TLSv1.3Disabling TLS 1.0 and 1.1 in Java 11 for Your Entire Environment
This method disables TLS 1.0 and 1.1 in Java 11 for your entire environment following Oracle's instructions.
- Stop Tomcat.
- Go to the following Oracle webpage: https://java.com/en/configure_crypto.html#DisableTLS
- Edit the conf/security/java.security file as directed by Oracle's instructions.
- Start Tomcat.