Although investigated from the manual and the website, How to deter the Server header (Server: Apache) which is a response header of Apache and Tomcat in CA Access Gateway is unknown. Please let me know about the method of deterring a Server header (Server: Apache).
SSO：CA Single Sign-On 12.8
OS：Windows 2012 R2
How to make a Server response header the minimum output by Apache, you can set as a httpd.conf file with "ServerTokens Prod" by a ServerTokens directive.
Refer to Apache site.
Since it seems that there is no way of deletion or overwrite of a header, if required, you need to add your comment to communities as enhancement request.