enaio® gateway and TLS for Web Accesses

enaio® 10.0 »

By default, enaio® gateway is configured to still support TLS 1.1 and TLS 1.0. This does not meet the requirements set out in the highest security policies, but is still required in some client-specific projects.

Support can be limited to TSL 1.2, and support for TLS 1.1 and TLS 1.0 can be disabled by configuring enaio® gateway. To do this, integrate the security.properties file. The file is saved locally and included via the Java options of enaio® gateway.

The security.properties file is available for download.

  • Save the security.properties file in an installation directory such as ...\services\OS_Gateway\apps\os_gateway\config\.
  • Start the application manager enaio blue gatewayw.exe in the …\services\OS_Gateway\bin directory.
  • Add the following Java options to the Java tab:
    • -Djava.security.properties=<pfad>\security.properties
    • Enter the path to the security.properties file here.

    • -Djdk.tls.ephemeralDHKeySize=2048
    • -Djdk.tls.rejectClientInitiatedRenegotiation=true
  • Restart enaio® gateway.