search cancel

activate TLS 1.2 in pim 12.8 without fips

book

Article ID: 202194

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction


We want to "upgrade" the encryption method for CA  PIM 12.8 SP1 programs to TLS 1.2 protocol  

 

Cause

Now there is not a possibility to accomplish this, a new fix has been created to accomplish this request

Environment

Release : 12.8

Component : CA ControlMinder

Resolution

For now, the tls12_only token will be created when PIM 14.10.0.1509 or later is installed as follows:

.  .  .

; This token controls whether AC works in FIPS only mode. In this mode

; all non-FIPS functions are disabled.
; Valid values:
;    1    AC works in FIPS only mode
;    0    AC works in non-FIPS mode
; Default: 0
fips_only = 0

; This token controls whether AC disables older SSL/TLS protocols (as of 2020,
; SSLv3, TLS 1.0, TLS 1.1).
; Note:
; Valid values:
;    1    AC disables all but TLS 1.2 protocol;
;    0    AC does not restrict communication to TLS 1.2 protocol.
; Default: 0
tls12_only = 0

.  .  .

 

Provided customer with the solution for the enhancement request
acpatch-DE472704-14.10.0.1509-_LINUX_X64.zip