BMC requests customers to update TLS 1.2 High Ciphers for BMC Helix Client Gateway for ITSM / Service Management subscription service customers.

How to Check BMC Helix Client Gateway is enabled with TLS1.2 High Ciphers.

Login to the on-premises client gateway and navigate to conf directory:

Locate kwic-config.xml and verfify services in the configuration file.

Forward Services:

All forward services has to be as below


Reverse services:

All reverse services has to be as below



If the services are as above,on-premises client gateway is already enabled with TLS1.2 high ciphers and No action is required.

In case of any differences follow below steps: Download Sample Service Configuration for reference


1. Backup kwic-config.xml

2. Update individual services on the on-premises client gateway to match below.

Forward Services:

All forward services has to be as below

Download Forward Service Configuration

Reverse services:

All reverse services has to be as below

Download Reverse Service Configuration
3. Backup on-premises gateway logs

4. Restart on-premises Client gateway service

5. Test the integrations

In case of assistance submit a new case through Support Central > Case Management to request techincal help in updating the TLS1.2 High Ciphers, with the subject title "BMC Helix Client Gateway enable TLS1.2 High ciphers- Assistance Request".

NOTE: Please attach kwic-config.xml from the on-premises client gateways while raising a support case

Enabling TLS1.2 High Ciphers can be performed at anypoint of time,follwed by a Service restart of the on-premises BMC Helix Client Gateway.