Where we could disable SHA1 and CBC mode cipher encryption and enable CTR or GCM cipher mode encryption in ITCM environment ?
book
Article ID: 191603
calendar_today
Updated On:
Products
CA Client Automation - Asset Management
CA Client Automation - IT Client Manager
CA Client Automation
CA Client Automation - Software Delivery
CA Client Automation - Remote Control
CA Client Automation - Asset Intelligence
CA Client Automation - Desktop Migration Manager
CA Client Automation - Patch Manager
Issue/Introduction
Where we could ‘To disable SHA1 and CBC mode cipher encryption and enable CTR or GCM cipher mode encryption’ in ITCM environment ?
TLS/SSL Protocol setting for manager is as below
VTLPSDO1 (CA Manager
Current:
SSL2.0 Client/Server disabled
SSL3.0 Only Server disabled
TLS 1.1 Client/Server enabled
TLS 1.2 Client/Server enabled
Is it ok to directly disable TLS1.1 also in manager and only use TLS 1.2 since agents and SS are using SP2 right now.
Environment
Release : 14.0 SP1 SP2 SP3
Component : DESKTOP AND SERVER MANAGEMENT
Resolution
If agents ss and dm are all 14 sp1 or above you can disable tls 1.0 and tls 1.1 and enable tls 1.2
Feedback
thumb_up
Yes
thumb_down
No