Questions about encryption methods used in Symantec SiteMinder
search cancel

Questions about encryption methods used in Symantec SiteMinder

book

Article ID: 196678

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

What are the :
- Encryption method used in encryption of SSO cookies that are read by all agents in a SSO environment
- Encryption method used in encryption of session tickets which contains user credentials

Environment

Applies to SiteMinder any version

Resolution

The following document should outlines the encryption elements:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/administrating/manage-encryption-keys.html

- Web Agents use an Agent key to encrypt cookies before passing the cookies to a user’s browser. 

- The session ticket is encrypted using the session ticket key and cached in the Agent User Cache.

Powered by Wolken Software