Customizing Secure Communication

Authentication Manager enables secure communication between its components and with external systems. You can configure specific aspects of communication security as needed.

By default, TLS 1.3 is enabled on AM 8.8 (and later) and supports both TLS 1.2 and TLS 1.3. You can choose to enable either one of the TLS mode.

To ensure higher compatibility and secure communication, it is recommended to enable TLS 1.3 in your deployment.

By default, TLS 1.3 is not enabled in the deployments consisting syslog configuration. To use TLS 1.3 with syslog, you must explicitly enable it in the syslog configuration.

The following deprecated agents do not support TLS 1.3. These agents will continue to use TLS 1.2 for secure communication and the procedure to enable TLS 1.3 will not affect them.

• RSA Authentication Agent 7.4.x for Microsoft Windows

• RSA Authentication Agent 8.0.x for Web for IIS

• Custom Agent built using RSA Authentication Agent API 8.x for Java and C
  

Note:  AM 8.8 does not support TLS 1.0 or TLS 1.1. We recommend that you upgrade your external systems to support TLS 1.2 or higher to maintain compatibility and ensure secure communication.

To customize the TLS Protocol Version in your deployment, see Customizing TLS Protocol Version.