Security Enhancement to SSL Configuration for HTTPS

When configuring HTTPS for Code Insight, you must update the tomcat\https\server.xml file in your Code Insight installation directory with site-specific information (see “Enabling HTTPS for a Code Insight Server” in the Code Insight Installation & Administration Guide). For security purposes starting in this release, the default value for the sslEnabledProtocols parameter in SSL section of this file has been changed from "TLSv1.2,TLSv1.1,TLSv1" to "TLSv1.2":

...

keystorePass="palamida"

clientAuth="false"

sslProtocol="TLS" sslEnabledProtocols="TLSv1.2"
keystorePass="palamida"

...

Whenever you manually configure this file for HTTPS configuration, ensure that you do not change the default "TLSv1.2" to another value.

This new default is included in the server.xml file when you install (or upgrade to) Code Insight 6.14.2 SP1 and future versions.

Security Enhancement to SSL Configuration for HTTPS

Code Insight 6.14.2 SP1 Release Notes

May 2021