The Integration Agent and TLS 1.1


Now that xMatters will no longer support TLS 1.1, how can I make sure my Integration Agents don't use TLS 1.1?


xMatters Integration Agent


To disable TLS 1.1 in the xMatters Integration Agent:

  1. In your Integration Agent installation folder, open the file. This can usually found here: <IAHOME>/jre/lib/security/
  2. Locate this line: jdk.tls.disabledAlgorithms=
  3. Add TLSv1.1 to the list.

To test if the xMatters Integration Agent is using TLS 1.1:

  1. Create a backup of your <IAHOME>/conf/wrapper.conf file.
  2. Open the original file in your preferred text editor and after the last uncommented line, add:
  3. Next to that, add the next number in line, and then: For example:
  4. Stop the agent.
  5. Restart the agent in console mode using a command (for example: <IAHOME>/bin/start_console)
  6. Once you see this line: Current heartbeat status is changed from UNKNOWN to PRIMARY_ACCEPTED on your keyboard, press ^C twice to break out of the console_mode.
  7. Copy the output from the start console stream to a .txt file, and search for:
    "ClientHello": {  "client version"
    It should show the transport layer version, for example:
    "ClientHello": { "client version": "TLSv1.2",

Note: Java 8 defaults to TLS 1.2, but unless there is a line to specifically disable TLS 1.1, it can fail back if 1.2 is not available.

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.