Ciphers used with TLS 1.2 in ITMS 8.x
search cancel

Ciphers used with TLS 1.2 in ITMS 8.x

book

Article ID: 150696

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

What Cipher Suites are used with TLS 1.2 in ITMS 8.x? 

The Cipher Suite in use by a agent is listed in the Agent UI.  The Cipher Suite is chosen between the Agent and the Server, and they use the most secure Cipher Suite possible.

Environment

ITMS 8.x

Resolution

The cipher usage depends on the Windows OS version being used, and the later versions then more sophisticated algorithms are available.

SMA (Symantec Management Agent) does not select the algorithm set and does not restrict the algorithm's usage, it is relying on SCHANNEL to select the algorithm, then the client and server negotiate on the algorithm during the SSL handshake. If an algorithm is disabled in the OS then it cannot be used by ITMS. IISCrypto (https://www.nartac.com/Products/IISCrypto) is a free third-party tool that can be used to view, disable, or enable the algorithms in the OS or modify the registry where it is configured directly as shown here:

Enabling TLS 1.2 for the ITMS Management Platform Environment

An example of the Windows 10 cipher suites enabled by default and their specified priority assigned by Microsoft's Schannel Provider is described in the following Microsoft article:

TLS Cipher Suites in Windows 11

Powered by Wolken Software