Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

35.3. Configuring the Certificate Server Component

  1. To configure Certificate Server (CS) manually, open the /etc/pki/pki-tomcat/server.xml file. Set all occurrences of the sslVersionRangeStream and sslVersionRangeDatagram parameters to the following values: 
    sslVersionRangeStream="tls1_2:tls1_2"
sslVersionRangeDatagram="tls1_2:tls1_2"
    Alternatively, use the following command to replace the values for you: 
    # sed -i 's/tls1_[01]:tls1_2/tls1_2:tls1_2/g' /etc/pki/pki-tomcat/server.xml
  2. Restart CS: 
    # systemctl restart pki-tomcatd@pki-tomcat.service