Documentation

Enable TLS 1.3 for AEM 6.5.24 on Windows Server 2022

Last update: Thu Feb 19 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

In AEM 6.5.24 running on Windows Server 2022 with JBoss, TLS 1.3 isn’t enabled by default even though the platform supports it. This article explains how to update the JBoss configuration to enable TLS 1.3 for secure HTTPS connections. To fix this, add TLSv1.3 to the enabled protocols in the JBoss configuration and restart the server.

Description description

Environment

  • Product: Adobe Experience Manager Forms (JEE)
  • Version: 6.5.24, 6.5.23
  • Operating System: Windows Server 2022
  • Application Server: JBoss
  • Java Development Kit: jdk11.0.19
  • Constraints: All components must meet Adobe’s supported platform matrix requirements

Issue/Symptoms

  • TLS 1.3 isn’t enabled by default in the JBoss configuration for AEM Forms on Windows Server 2022.
  • The operating system and bundled components support TLS 1.3, but HTTPS connections use older protocols.

Resolution resolution

Follow these steps to enable TLS 1.3:

  1. Stop the JBoss server.
  2. Navigate to the configuration directory for your AEM Forms installation.
  3. Open the lc_turnkey configuration file.
  4. Ensure SSL is already configured and applied to your JBoss server.
  5. Locate the https-listener tag in the configuration file.
  6. Add or update the enabled-protocols attribute to include TLSv1.3.
  7. Delete all svc folders and tmp directories within the standalone directory of your JBoss installation.
  8. Restart the JBoss server.
  9. After startup, verify TLS 1.3 is enabled by checking your browser’s security settings when accessing AEM over HTTPS.

Notes

  • Both TLSv1.2 and TLSv1.3 can be specified if required; include both protocols in the enabled-protocols attribute as needed.
  • Ensure all platform components (JBoss, JDK, OS) comply with Adobe’s supported platform matrix before enabling TLS 1.3.
  • Steps are based on standard configuration practices for RHEL environments but apply to Windows Server as described.
  • Verification can be done by inspecting connection details in a supported browser after accessing AEM over HTTPS.
recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f