Nav
You are viewing an older version of this section. Click here to navigate to the latest version.

Migrate From TLS 1.0

As TLS 1.0 is no longer accepted by PCi compliance, and considering the significant vulnerabilities around this protocol’s version, we strongly suggest you to migrate to TLS v1.1 and newer.

Since Studio 5.4.3, you are able to edit the TLS configuration file of your Studio and API Gateway runtimes.

Edit Your Runtime’s TLS Configuration File From Studio

From your Studio installation folder, navigate to the plugins directory. There, you need to locate the folder for your server’s runtime and Studio version.
The name of the folder should follow the following form:

org.mule.tooling.server.3.7.3.ee_5.4.x.yyy.mm.dd

Inside it, go to mule/conf directory and open the tls-default.conf file to edit your TLS configuration.
You can find the enabled protocols for your configuration in the enabledProtocols field.

If needed, you can also comment or uncomment lines in the enabledCipherSuites corresponding to your site’s security policy.

Edit Your API Gateway’s TLS Configuration File From Studio

From your Studio installation folder, navigate to the plugins directory. There, you need to locate the folder for your server’s API Gateway and Studio version.
The name of the folder should follow the following form:

org.mule.tooling.apigateway.x.x.x_x.x.x.yyyymmdd

Inside it, go to mule/conf directory and open the tls-default.conf file to edit your TLS configuration.
You can find the enabled protocols for your configuration in the enabledProtocols field.

If needed, you can also comment or uncomment lines in the enabledCipherSuites corresponding to your site’s security policy.

API Gateway 2.1.1, 2.0.4 and 2.2.0 versions have the TLS 1.0 support disabled by default.
You can choose to manually re-enable it by adding TLSv1 to the enabledProtocols field of your tls-default.conf file.

API Gateway versions 1.3.2, 2.0.3, and 2.1.0 still have TLS 1.0 enabled by default.

See Also