Enabling TLSv1.2 in SOAtest/Virtualize
Parasoft: Enabling TLSv1.2 in SOAtest/Virtualize:
SOA/Virt 9.10 and up now comes prepackaged with Java1.8 which has TLSv1.2 enabled by default. The Java version that comes with all the previous SOA/Virt versions does not. If you are using SOA/Virt 9.9.5 and below, there are two methods to enable TLSv1.2.
Method 1 (Recommended):
The recommended and overall best solution is to run the tool with Java1.8. Java1.8 has TLSv1.2 enabled by default.
To do this, simply run your tool with the following command:
-Zjava_home "c:/Program Files/Java/jdk1.8.x_xx"
If you wish to use Java1.8 every time the tool is run (in Windows), please add the command to the end of the target field in the tool’s properties:
If you wish to use TLSv1.2, Parasoft ultimately recommends that you run SOA/Virt with Java1.8 (Method 1) as it enables the most modern version of the encryption protocol by default. If you are unable to access Java1.8, the following method will suffice while you receive authorization from management to install Java1.8 on your machine.
Since SOA/Virt is built upon the Eclipse framework, you will need to configure the JVM options in the eclipse.ini file located in the directory below. This directory will be similar for a Linux installation of the tool.
1.Open the eclipse.ini file with notepad.
2.Add the following JVM options after -vmargs:
-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false -Ddeployment.security.TLSv1.1=false -Ddeployment.security.TLSv1.2=true
These options disable all deprecated protocols and enables only TLSv1.2.
We will also need to configure these TLS/SSL settings in the Java Control Panel located in the following directory:
3.Open Parasoft in Program Files.
5.All current versions support TLS (including 9.6)
11.Double click Javacpl.exe
12.The Java Control Panel (Javacpl) will open. Select the Advanced Tab and scroll down to “Advanced Security Settings” and check/enable the “Use TLS 1.2” option. Please uncheck/disable SSL, TLS1.0, and TLS1.1 to ensure that they do not over- ride TLS1.2.
Please note that if you are using a Windows OS, you will need to invoke eclipse.exe from here on in order for these new settings to take effect successfully. You can add eclipse.exe to your start menu or task bar for quick access. This is only required for Method 2 using Windows.