Message Image

Skip main navigation (Press Enter).

Symantec Access Management

View Only

Back to discussions

Expand all | Collapse all

TLS 1.2 for CA Siteminder Access Gateway (SPS)

Jump to Best Answer

Legacy UserJun 11, 2015 12:57 PM

Hi, To remediate Poodle, I did put in SSLProtocol All -sslv2 -sslv3 on the Secure proxy httpd-ssl.conf. ...

Chris BertagnolliJun 11, 2015 01:20 PMBest Answer

Are you sure it is doing even TLS 1.1? The proxy seems to bundle OpenSSL 0.9.8 which only does up to ...

Legacy UserJun 11, 2015 01:30 PM

you are right. Ran it through SSLchecker. It doesn't do 1.1 Thank you! that answers my question. ...

1. TLS 1.2 for CA Siteminder Access Gateway (SPS)

0 Recommend
Legacy User
Posted Jun 11, 2015 12:57 PM

Reply Reply Privately
Hi,

To remediate Poodle, I did put in SSLProtocol All -sslv2 -sslv3 on the Secure proxy httpd-ssl.conf.

But, this doesn't seem to enable support for tls1.2.

However, TLS1.0 and 1.1 seem to be supported.

Is there any way we can enable support for TLS 1.2 in the SPS?

Regards,
Anand.
2. Re: TLS 1.2 for CA Siteminder Access Gateway (SPS)
Best Answer

0 Recommend
Chris Bertagnolli
Posted Jun 11, 2015 01:20 PM

Reply Reply Privately
Are you sure it is doing even TLS 1.1? The proxy seems to bundle OpenSSL 0.9.8 which only does up to TLS 1.0.

There's an idea here, which is marked as "currently planned", to upgrade to later OpenSSL versions and support TLS 1.1 and 1.2

CA Secure Proxy Server 12.52.x support for TLS 1.1 and 1.2
3. Re: TLS 1.2 for CA Siteminder Access Gateway (SPS)

0 Recommend
Legacy User
Posted Jun 11, 2015 01:30 PM

Reply Reply Privately
you are right. Ran it through SSLchecker. It doesn't do 1.1

Thank you! that answers my question.

Regards,
Anand.

Copyright 2019. All rights reserved.

Powered by Higher Logic