Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Announcements
SecurID®
This is the primary landing page for SecurID, where customers and partners can find product documentation, downloads, advisories, forums and other helpful resources for the product.
Recently some customers have reported that their vulnerability scan report a problem with Weak Ciphers used in TLSv1.2 connections, specifically some of these ciphers can negotiate a Diffie-Helman, DH key size that is only 1024 bytes.
Qualys identifies this as QID 38863 - Weak SSL/TLS Key Exchange
Authentication Manager, at least since version 8.4, has Ciphers that only allow 2048 byte DH keys, including TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
So as long as these Ciphers are used there is no vulnerability. As part of RSA Engineering review and update plans, new Ciphers will be evaluated and implemented into updates, currently targeted for patch 1 on AM 8.7, which is tentatively scheduled for General Availability, GA on August 23rd, 2022.
... View more
Hi, I'm trying to import a new certificate on my RSA SecurID appliances in the virtual host section ( Deployment Configuration → Certificates → Virtual Host Certificate Management ), and when i import the certificate i get this error: This certificate is already imported I already tried also to extract from the p7b only the certificate without the CAs and import only the certificate and i get the same error. /opt/rsa/am/server/logs/ops-console.log: @@@2022-09-29 02:41:31,393 ERROR [[ACTIVE] ExecuteThread: '14' for queue: 'weblogic.kernel.Default (self-tuning)'] GUILog.traceException(587) | exception: com.rsa.ims.security.tools.ssl.exception.InvalidCertificateException: This certificate is already imported at com.rsa.ims.security.tools.ssl.ImportSSLCertConsoleHelper.importP7CertWithException(ImportSSLCertConsoleHelper.java:316) at com.rsa.ims.security.tools.ssl.ImportSSLCertConsoleHelper.importP7Cert(ImportSSLCertConsoleHelper.java:231) at com.rsa.ims.web.operationsconsole.action.ConsoleCertManagementAction.importCert(ConsoleCertManagementAction.java:680) at com.rsa.ims.web.operationsconsole.action.VirtualHostCertManagementAction.importCert(VirtualHostCertManagementAction.java:186) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269) at com.rsa.ui.common.struts.action.RSABaseDispatchAction.execute(RSABaseDispatchAction.java:180) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425) at com.rsa.ui.common.util.RSAWebRequestProcessor.process(RSAWebRequestProcessor.java:221) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1926) at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:464) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:295) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:260) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:137) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:353) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:25) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at com.rsa.ui.common.security.csrf.CSRFFilter.doFilterInternal(CSRFFilter.java:196) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:106) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at com.rsa.ui.common.filter.UrlValidationFilter.doFilter(UrlValidationFilter.java:245) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at com.rsa.ims.common.operationsconsole.security.filter.CommonOCIMSSignOnFilter$1.run(CommonOCIMSSignOnFilter.java:179) at com.rsa.ims.security.spi.SimpleSecurityContextImpl.doAs(SimpleSecurityContextImpl.java:113) at com.rsa.security.SecurityContext.doAs(SecurityContext.java:439) at com.rsa.ims.common.operationsconsole.security.filter.CommonOCIMSSignOnFilter.doFilter(CommonOCIMSSignOnFilter.java:176) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at com.rsa.ims.common.operationsconsole.security.filter.CommonOCSignOnFilter.doFilter(CommonOCSignOnFilter.java:107) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at com.rsa.ims.sso.filter.HeaderValidationFilter.doFilter(HeaderValidationFilter.java:174) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3800) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3766) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:344) at weblogic.security.service.SecurityManager.runAsForUserCode(SecurityManager.java:197) at weblogic.servlet.provider.WlsSecurityProvider.runAsForUserCode(WlsSecurityProvider.java:203) at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:71) at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2454) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2302) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2280) at weblogic.servlet.internal.ServletRequestImpl.runInternal(ServletRequestImpl.java:1721) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1681) at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:272) at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:352) at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:337) at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:57) at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41) at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:655) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:420) at weblogic.work.ExecuteThread.run(ExecuteThread.java:360) Anyone has any idea?
... View more
After upgrading from 8.5 to 8.6 and then 8.7, users are unable to authenticate in new PIN mode using Cisco AnyConnect. They input the tokencode, RSA responds by requesting a PIN, the AnyConnect client prompts for PIN and no matter what they input RSA indicates invalid tokencode and the AnyConnect client goes back to requesting a Token code. It initially started after the 8.5 to 8.6 upgrade and to try and resolve I also upgraded to 8.7. As a workaround we have the helpdesk logging in to the self service portal as the user and creating a PIN for the user. We have flushed the cache on each server in our deployment, replication is good, happens regardless of Windows, iPhone or Android token. Currently waiting on Patch1. Just wanted to see if anyone else has this problem or if we found something undiscovered.
... View more
We need to import all the data about the user to another domain (login aliases, token and groups) so far we have only managed to import the tokens. We already tried to carry out the "Import Bulk Requests for User Groups and Tokens" process to import users into a group in the new domain but it shows us the following error: "Invalid Group Name OR Group is not configured in UCM", there is an alternative process ?
... View more
350 
996719
