Disable TLS V1.1, enable only TLSv1.2 on WildFly 20.0.1

I am not able to disable TLSv1.1 and 1.0 on WildFly 20.0.1. It is a Keycloak 11.0.0 installation. It's a clustered setup with two nodes in domain mode. I have tried as per documentation, as below under host-master.xml

<ssl>
 <engine enabled-protocols="TLSv1.2"/>
 <keystore ..... />
</ssl>

and even below in domain.xml

<https-listener name="https" socket-binding="https" record-request-start-time="true" security-realm="UndertowRealm" enable-http2="true" enabled-protocols="TLSv1.2"/>

These above configuration doesn't work.

I have tried with JDK8 and JDK11.

Solution

It works with the above configurations. I missed that I had another gateway device in front, which was allowing TLS1. Clients were seeing the SSL sessions from the front device.

WorkFlow Management or Business Process Management System
"Stored procedure 'xxx' may be run only in unchained transaction mode." error when calling a procedure from a DataSource, in an EJB context
Spring Boot 3 on JBoss WildFly and module exclusion
Jboss 7 custom authenticator
Wildfly migration tool from 8.2.0 to latest
Undertow: Static root-content outside of WAR-file (wildfly)
Deploy time error (java.lang.NoClassDefFoundError: com/sun/net/ssl/internal/ssl/Provider ) in Jboss 7
JNDI "Cannot instantiate class: org.jboss.naming.remote.client.InitialContextFactory"
Connection Pool Monitoring
Illegal access (Quartz with JBoss)
experiensing "Protocol vfs has not been enabled as an allowed protocol" error while deploying the Spring boot WS to JBoss EAP 8
WildFly: HTTP method POST is not supported by this URL
Keycloak Forget password link not open any form to enter password
IDE for JBoss JSF development
IntelliJ Idea lost suddenly JBOSS management port configuration
java.lang.LinkageError: loader constraint violation: when resolving method "org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor
How do I make a thread dump in JBoss 4.0.5 on Windows
Java Remote kill user session
How to get a list of jboss users over the CLI client
JBoss EAP8 ClassNotFoundException com.sun.security.auth.module.UnixSystem
Is JBoss 8 compatible with java 8?
JBOSS appends charset=ISO-8859-1 in response headers
WildFly always returns the 404 Not Found
How to change the server.log to write to the console in JBoss Wildfly (dcm4chee)
How to define datasource properties for WildFly bootable JAR without openshift CLI?
How to configure external vendor SSL certs into JBoss 7.1
Cannot find declaration of element handler-chains Jboss Developer Studio
Keycloak: getting back from user profile page
SSL on JBOSS AS 7
Keycloak retrieve custom attributes to KeycloakPrincipal