This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
LightechdeMexic
Contributor
Contributor
‎2016-05-30 05:47 PM

which version of SSL or TLS supports authentication manager 8.1

which version of SSL or TLS supports authentication manager 8.1

Labels (1)
0 Likes
Reply
2 Replies
JayGuillette
Apprised Contributor Apprised Contributor
Apprised Contributor
‎2016-05-30 08:00 PM

If you have an earlier version of AM 8.1, the server will prefer TLS ver. 1.0 for Browser console connectrions but will accept negotiation down to SSLv3, but with AM 8.1 SP1 Patch 13, you can configure your AM server to use TLS ver. 1.2 and refuse lesser versions such as TLS v. 1.0 or SSL v3 (SL2 has not been supported for a while).  However at this version if you configure for TLS v.1.2, RADIUS will still use SSLv3 unless you disable it (RADIUS), and Trusted realm Authentications will not work.  AM version 8.2 will support TLS v.1.2 for browser consoles and RADIUS

Reply
SeanDoyle
Trusted Contributor Trusted Contributor
Trusted Contributor
‎2016-06-03 11:51 AM

AM 8.1 SP1 Patch 13 has the ability to enable TLS 1.2 mode with caveats (unable to attached replicas while in TLS 1.2 mode, unable to leverage trusted realms and a few others).

 

After applying SP1 Patch 13, there is a script in the /opt/rsa/am/utils directory “configure_tls12_mode.sh” which supports the following switches:

am-consoles-lockdown.png

Webtier also

webtier-lockdown-tls1.2.png

Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.