AnsweredAssumed Answered

Enabling HTTPS (TLS) for DevTest

Question asked by SamManiscalco4211171 on Aug 26, 2016
Latest reply on Dec 22, 2016 by Tushar Ranjan

Hello, I need to implement TLSv1.2 (It must be TLS. SSL is disabled company wide) anywhere in devtest where the username/password is entered:

  • Portal
  • Console
  • Workstation

 

I have contacted CA support, but have yet to receive a response other than "we got your request" so i thought I would reach out to the community to see if anyone has faced a similar issue.

 

I Created my keystore, created my csr, got a signed ceritificate, imported the cert to the keystore, copied the cert to LISA_HOME renamed it to webserver.ks and updated my local.properties as follows:

 

https.protocols=TLSv1.2,TLSv1.1,TLSv1

 

lisa.net.bindToAddress=devtest5.XYZ.com
lisa.net.default.protocol=ssl
lisa.net.keyStore={{LISA_HOME}}webserver.ks
lisa.net.keyStore.password_enc=

 

# enable https and setup the webserver ssl keystore
 lisa.webserver.https.enabled=true
 lisa.webserver.ssl.keystore.location={{LISA_HOME}}webserver.ks
lisa.webserver.ssl.keystore.password_enc=
lisa.webserver.ssl.keymanager.password_enc=
 lisa.webserver.port=443

 

# should lisa workstation use https when launching the portals?
 lisa.portal.use_https=true
 lisa.portal.url.prefix=https://

I have also tried multiple variations and subsets of those properties

 

In IE i get the following error:

This page can’t be displayed

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://devtest5.XYZ.com:1505 again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

 

in Firefox I get the following error:

Secure Connection Failed
An error occurred during a connection to devtest5.XYZ.com:1505. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

Outcomes