How to disable TLSv1.0 and TLSv1.1 ?

book

Article ID: 143359

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

How to disable TLSv1.0 and TLSv1.1 from the communications options of PAM

Cause

The disabling of the TLSv1.0 and TLSv1.1 is required for security purposes. 

Environment

Privileged Access Management 3.2

 

Resolution

Assuming your endpoints (target applications) can communicate using TLSv1.2, you can disable TLSv1.0 and TLSv1.1 by opening the PAM client, clicking on Configuration, Security, Access.

Disable "TLS v1.0/1.1 Connection Allowed".

You should now be communicating only using TLSv1.2