How to Disable TLS 1.0 and TLS 1.1 in ADAudit Plus?
In this article:
Objective
Prerequisites
Steps to follow
Validation and confirmation
Tips
Related topics and articles
Objective
This article explains how to disable the TLS 1.0 and TLS 1.1 protocols in ManageEngine ADAudit Plus. Disabling these outdated protocols strengthens your network security by ensuring communication only occurs over the more secure TLS 1.2 protocol.
Prerequisites
Before proceeding, ensure the following requirements are met:
Access to the ADAudit Plus server.
Administrator privileges on the system running ADAudit Plus.
SSL must be enabled in ADAudit Plus:
Navigate to Admin > General Settings > Connection.
Ensure Enable SSL Port [https] is checked.
Click Save.
Stop the ADAudit Plus service before making configuration changes.
Steps to follow
1. Backup and Edit server.xml
Navigate to:
<Installation Directory>\ADAudit Plus\conf\Take a backup of the server.xml file.
Open the file using a text editor (e.g., Notepad++ or VS Code).
2. Update SSL Protocols in server.xml
Locate the <Connector> tag near the bottom of the file.
Replace the following line:
sslProtocols="TLSv1,TLSv1.1,TLSv1.2"With this:
sslenabledProtocols="TLSv1.2"
3. Update Cipher Suites in server.xml
In the same <Connector> tag, update the ciphers attribute with the following:
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA"
Save and close the server.xml file.
4. Edit wrapper.conf
Navigate to:
<Installation Directory>\ADAudit Plus\conf\Backup the wrapper.conf file.
Open it in a text editor.
Search for any entries containing TLSv1 or TLSv1.1 and remove them.
5. Edit servicemonitor.bat
Navigate to:
<Installation Directory>\ADAudit Plus\bin\Open servicemonitor.bat in a text editor.
Remove any TLSv1 or TLSv1.1 references.
6. Restart ADAudit Plus
Start the ADAudit Plus service using services.msc.
Validation and confirmation
After starting ADAudit Plus, open a browser and navigate to the application using https.
Confirm that the site loads without errors and that only TLS 1.2 is negotiated using browser developer tools or SSL checking tools.
Tips
Regularly audit configuration files for compliance and best practices.
Document the changes for future internal audits.
Related topics and articles
New to ADSelfService Plus?
Related Articles
Troubleshooting 2FA in ADAudit Plus
In this article : Issue description Prerequisites Possible causes Resolution Related topics and articles How to reach support Issue description ● What is the issue? Two-factor authentication (2FA) in ADAudit Plus adds an extra layer of security by ...How to manage archive files in ADAudit Plus
Objective This article offers a comprehensive, step-by-step guide on modifying the custom path for archived log storage and migrating existing archives to the newly designated location. Prerequisites Have access to the ADAudit Plus web console. Have ...ADAudit Plus reports show ADManager Plus service account instead of actual user
In this article: Issue description Prerequisites Possible causes Resolution Related topics and articles How to reach support Issue description When viewing user enable or disable events in ADAudit Plus reports, the actions appear as performed by the ...ADAudit Plus reports show ADManager Plus service account instead of actual user
In this article: Issue description Prerequisites Possible causes Resolution Related topics and articles How to reach support Issue description When viewing user enable or disable events in ADAudit Plus reports, the actions appear as performed by the ...How to enable SSL manually in ADAudit Plus
In this article : Objective Prerequisites Steps to follow Validation and confirmation Tips Related topics and articles Objective This article provides step-by-step guidance on how to enable SSL manually in ADAudit Plus. Securing ADAudit Plus with SSL ...