How to Disable the Use of TLSv1.0 within a Secure Global Desktop Deployment
(Doc ID 2171103.1)
Last updated on AUGUST 25, 2022
Oracle Secure Global Desktop - Version 5.2 to 5.4 [Release 5.0] Information in this document applies to any platform.
This document outlines the procedure to disable the use of the TLSv1.0 Protocol within a Secure Global Desktop (SGD) Deployment, as is enabled by default. This action may be taken by an SGD Administrator who is working to curate the list of available ciphers that is presented to connecting clients in order to meet site-specific security or auditing requirements.
This guidance is relevant for SGD 5.2, 5.3, and 5.4.
Please Note: this configuration change will reduce the list of cipher suites and protocols that the SGD web server will support, which may have an impact on the supported clients connecting to the customized SGD server. Specifically: any client that was relying on the use of TLSv1.0 Ciphers/Protocols will no longer able to connect to SGD or the SGDGW after these changes have been applied. We expect this will particularly impact clients running older versions of browsers, as well as some releases of Java 6 and Java 7 of the Java plug-in.
Reciprocally, some deployments with controlled client software may choose to take an even more dramatic step, for example disabling all early versions of SSL & TLS, explicitly enabling only the latest standard version. (This might be done using strings of the format [SSLProtocol -ALL +TLSv1.2] where appropriate below.)
For this reason, the guidance provided in this document is AS-IS, and the SGD (and site) Administrators should thoroughly test any changes of this type with a range of clients representative of the user base before applying this update to a production deployment.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!