Configuring TLS secure protocol

This topic describes how to configure the Transport Layer Security (TLS) secure protocol version for BRPM.

By default, from 5-0-03-001-Patch-1-for-Service-Pack-3 onward, the TLS version is set to 1.2. However, you can change the version to any of the supported versions. Note that by using an older version of TLS, you might increase the risk to security vulnerabilities.

Configuring TLS version for Classic UI

1. Stop BMC Release Process Management service.

2. Go to the RLMHome\server\jboss\standalone\configuration location and open the file corresponding to your environment:

   Configuration	Deployment	File
   HTTP	Non-high-availability	standalone-full.xml
   	High-availability	standalone-full-ha.xml
   HTTPS	Non-high-availability	standalone-full-https.xml
   	High-availability	standalone-full-ha-https.xml

3. Search for the following SSL attribute in the configuration file. 
   "protocol=TLS1.2"
4. Update the values for the SSL protocol that match your requirement. 
   For example, if you specify protocol="TLSv1,TLSv1.1,TLSv1.2", BRPM supports all specified versions of TLS.
   To support a specific version, specify the version as the value. 
5. Save changes and restart the BMC Release Process Management service.

Configuring TLS version for 

Some content is unavailable due to permissions.

1. Stop BMC Release Lifecycle Management Requester UI.
2. Go to C:\Program Files\BMC Software\RLMUI\apache\conf and open httpd.conf file.
3. Search for "SSLProtocol" attribute and update the values that match your requirement. 
   For example, if you specify "SSLProtocol all -SSLv2 -SSLv3",  BRPM supports all specified versions of TLS except SSLv2 and SSLv3.
4. Save changes and restart the BMC Release Lifecycle Management Requester UI.