How to prevent usage of TLS v1 or SSL in PIM
search cancel

How to prevent usage of TLS v1 or SSL in PIM

book

Article ID: 189071

calendar_today

Updated On: 05-05-2025

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC) CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

A PCI DSS scan in our environment has detected some weaknesses in our environment.
How to prevent usage of weaker communication protocols?

Environment

Release : 14.1

Component : PAM SERVER CONTROL ENDPOINT WINDOWS

Resolution

fips_only=1

This forces communication based on the LCA protocol, like policyfetcher - DH communication, to use TLSv1.2 over port 5249

Note, any setting for communication_mode in seos.ini is ignored if fips_only=1 is set.

Additional Information

Please see also our documentation

FIPS Compliance

crypto