Idea Details

Ability to have ARCOT (CA Strong Authentication) support TLS 1.1 and TLS 1.2

Last activity 05-31-2019 03:44 PM
gswanger's profile image
04-14-2016 10:04 AM

Currently ARCOT does not support TLS 1.1 and TLS 1.2.  Many banks and payments within the banking community are requiring that their users disable TLS 1.0 and move to TLS 1.1 and TLS 1.2 to mitigate the security risk associated with POODLE and BEAST virus.  The Office of the Comptroller of the Currency has had increased customer concern that the CA Strong Authentication does not able TLS 1.0 to be disabled and TLS 1.1 or TLS 1.2 to be used.


CA Case was opened (00352748) and sent to engineering with ticket #de159012  for possible enhancement and also raised here in the CA Strong Authentication Community.


CA as a security provider, it would seem that to enable and allow a higher version of TLS on their existing products would help customers mitigate the risks of existing virus's on TLS 1.0.


05-10-2016 07:05 PM

This is in the upcoming 7.x service pack and the upcoming 8.1.3 release.

04-28-2016 06:14 PM

Looking at this request.  Appears to be focused on the Arcot product set.  I am planning to remove this from the CA SSO queue, but leave in the CA AA queue.  Any concerns?

04-14-2016 04:56 PM

Is there a specific version this applies to? Cause I had been looking at some things like CA Strong Authentication....but if it doesn't support TLS 1.2 that's pretty much a stopper right there. I mean TLS 1.2 has only been around for what, 8 years now? Would think a security product would stay up to date....