Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
BENJAMINMORRIS
Beginner
Beginner

TLS 1.2 -- Steps for a deployment without a web tier?

Jump to solution

Referencing this document: 000033354 - How to enable or disable strict TLS 1.2 mode in RSA Authentication Manager 8.2 

 

These instructions are very clear but seem to assume the existence of a web tier in Step 6.

 

What (if any) additional steps are necessary to set up TLS 1.2 if my deployment does NOT have a web tier?

Labels (1)
0 Likes
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee

No extra steps.

 

A web tier is essentially an advanced, RSA-specific proxy server, that can sit on your DMZ

and allow 'world' access to your self service functions, ctkip, and also RBA from edge devices.

 

Web tiers are optional, and most updates to web tiers are done by making

an update or change to your RSA servers first, then pushing the new update

or change out to the web tiers. 

View solution in original post

2 Replies
EdwardDavis
Employee
Employee

No extra steps.

 

A web tier is essentially an advanced, RSA-specific proxy server, that can sit on your DMZ

and allow 'world' access to your self service functions, ctkip, and also RBA from edge devices.

 

Web tiers are optional, and most updates to web tiers are done by making

an update or change to your RSA servers first, then pushing the new update

or change out to the web tiers. 

JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor

To add to Ed's detail, in AM 8.1 SP1 P13 or higher, there were specific Web Tier commands to enable strict TLS on the Web Tiers after or in addition to enabling it on AM primary or replica, but with AM 8.2 once you enable strict TLS on the Primary or Replica, it will automatically update the Web Tiers.  So in your case there are no Web Tiers to update, so nothing more happens or needs to happen.