Layer7 Access Management

Tech Tip : CA Single Sign-On : CA Single Sign-On (SiteMinder) RSA version

  • 1.  Tech Tip : CA Single Sign-On : CA Single Sign-On (SiteMinder) RSA version

    Posted 01-25-2018 06:57 AM

    Question:


    Where can I find the RSA version (which provides the RSAwithSHA1 signing algorithm) that is in use in CA Single Sign-On?

     

    Answer:

     

    The RSA libraries are given in SiteMinder by the ETPKI or CAPKI installation.

     

    "CA Single Sign-On uses RSA libraries through ETPKAI or CAPKI as well as directly."

    https://support.ca.com/us/knowledge-base-articles.TEC1628276.html

     

    Note: ETPKI has been upgraded to 5.1.0 for all components respectively.

    https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06

     

    To get the version for example on Linux Policy Server 12.52SP1CR06, go to the folder :

     

    # cd /opt/CA/siteminder/etpki-install

     

    then read the README_FIPS.txt

     

    # less README_FIPS.txt

     

    You should see :

     

    For FIPS approved cryptographic functionality, CAPKI (ETPKI r5.x) and CA-OpenSSL depend on the following RSA BSafe Crypto-C ME libraries (version 4.0.3) and signature files:

    [lib]cryptocme.[dll|so|sl]

    [lib]cryptocme.sig

    [lib]ccme_base.[dll|so|sl]

    [lib]ccme_ecc.[dll|so|sl]

    [lib]ccme_ecc_accel_fips.[dll|so|sl]

    [lib]ccme_error_info.[dll|so|sl]

    [lib]ccme_asym.[dll|so|sl]

     

    KB : TEC1093687