Where we could disable SHA1 and CBC mode cipher encryption and enable CTR or GCM cipher mode encryption in ITCM environment ?
search cancel

Where we could disable SHA1 and CBC mode cipher encryption and enable CTR or GCM cipher mode encryption in ITCM environment ?

book

Article ID: 191603

calendar_today

Updated On:

Products

CA Client Automation - Asset Management CA Client Automation - IT Client Manager CA Client Automation CA Client Automation - Software Delivery CA Client Automation - Remote Control CA Client Automation - Asset Intelligence CA Client Automation - Desktop Migration Manager CA Client Automation - Patch Manager

Issue/Introduction

Where we could ‘To disable SHA1 and CBC mode cipher encryption and enable CTR or GCM cipher mode encryption’ in ITCM environment ?

TLS/SSL Protocol setting for manager is as below
VTLPSDO1 (CA Manager

Current:

SSL2.0 Client/Server disabled

SSL3.0 Only Server disabled

TLS 1.1 Client/Server enabled

TLS 1.2 Client/Server enabled

Is it ok to directly disable TLS1.1 also in manager and only use TLS 1.2 since  agents and SS are using SP2 right now.

Environment

Release : 14.0 SP1 SP2 SP3

Component : DESKTOP AND SERVER MANAGEMENT

Resolution

If agents ss and dm are all 14 sp1 or above you can disable tls 1.0 and tls 1.1 and enable tls 1.2
Powered by Wolken Software