How to limit a protocol version on your WebAccess.

  • 7024828
  • 18-Sep-2020
  • 18-Sep-2020

Environment

GroupWise 18.x
SUSE Linux Enterprise Server 15

Situation

You found that your WebAccess web site still supports older SSL protocols or the older TLS versions TLSv1 and TLSv1.1.

Resolution

WebAccess on SLES servers depends on the Apache web server, and limiting protocol versions is a configuration setting within Apache.
GW18 uses virtual hosts. Therefore, go to the /etc/apache2/vhost.d directory and find the corresponding configuration file, "vhost-ssl.conf".
Open this file in a text editor and, in the "<VirtualHost _default_:443>" section, find the "SSLEngine on" line.
Add a new line below it, like:

SSLProtocol all -TLSv1 -TLSv1.1 -SSLv3

Save the file and restart the Apache web server.

To test which protocols your web server supports, use the nmap tool. If this tool is not yet installed on your SLES15 server, install it via the zypper tool:

zypper in nmap

Then you can test the protocol versions with commands like the following examples:

sles15:~ # nmap --script ssl-enum-ciphers -p 443 <IP of web> | grep TLSv
|   TLSv1.2:
sles15:~ # nmap --script ssl-enum-ciphers -p 443 <IP of web> | grep SSLv
sles15:~ #
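
A static check of the vhost-ssl.conf edit described above, to complement the nmap scan. This is an added example, not part of the original article: the function name legacy_protocols and the sample configs are constructed here, and the reading of SSLProtocol is the simplified one stated in the comments.

```shell
#!/bin/sh
# Added example (not from the original article): list the legacy protocols
# that the :443 virtual host in an Apache config file still allows.
# Simplified model of SSLProtocol, an assumption of this sketch: "all" turns on
# every version, "+X" or a bare "X" adds X, "-X" removes X; last directive wins.
legacy_protocols() {            # usage: legacy_protocols FILE
    awk '
        { sub(/#.*/, "") }      # ignore comments, so a commented-out fix does not count
        tolower($1) ~ /^<virtualhost/   { ssl_vhost = ($0 ~ /:443/) }
        tolower($1) ~ /^<\/virtualhost/ { ssl_vhost = 0 }
        ssl_vhost && tolower($1) == "sslprotocol" {
            found = 1
            split("", on)       # start again from an empty set for each directive
            for (i = 2; i <= NF; i++) {
                tok = $i; sign = "+"
                if (tok ~ /^[+-]/) { sign = substr(tok, 1, 1); tok = substr(tok, 2) }
                n = 1; a[1] = tok
                if (tolower(tok) == "all") n = split("SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3", a, " ")
                for (j = 1; j <= n; j++) on[a[j]] = (sign == "+")
            }
        }
        END {
            if (!found) { print "SSLProtocol-not-set"; exit }
            n = split("SSLv3 TLSv1 TLSv1.1", legacy, " ")
            for (j = 1; j <= n; j++)
                if (on[legacy[j]]) out = out (out == "" ? "" : " ") legacy[j]
            print out
        }
    ' "$1"
}

# Constructed sample configs (not taken from a real server).
sample_dir=$(mktemp -d)
printf '%s\n' '<VirtualHost _default_:443>' '  SSLEngine on' \
    '  SSLProtocol all -TLSv1 -TLSv1.1 -SSLv3' '</VirtualHost>' > "$sample_dir/fixed.conf"
printf '%s\n' '<VirtualHost _default_:443>' '  SSLEngine on' \
    '  SSLProtocol all -SSLv3' '</VirtualHost>' > "$sample_dir/weak.conf"
printf '%s\n' '<VirtualHost _default_:443>' '  SSLEngine on' \
    '  # SSLProtocol all -TLSv1 -TLSv1.1 -SSLv3' '</VirtualHost>' > "$sample_dir/commented.conf"

for f in fixed weak commented; do
    printf '%-10s legacy protocols: [%s]\n' "$f" "$(legacy_protocols "$sample_dir/$f.conf")"
done
```

An empty list means none of SSLv3, TLSv1 or TLSv1.1 is enabled in that virtual host; SSLProtocol-not-set means no active directive was found there, so the server's built-in default applies.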