OpenSSL usage with ITMS
search cancel

OpenSSL usage with ITMS

book

Article ID: 253548

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite Server Management Suite

Issue/Introduction

Question:

Do we still use OpenSSL with ITMS version 8.5 and 8.6 respectively?

Environment

ITMS 8.5, 8.6

Resolution

Answer:

No and Yes.
OpenSSL was used mainly in Apache for our IGW (Internet Gateway).
ITMS version 8.5 and higher no longer uses Apache on Internet Gateways. See KB 185012 "What has changed in Internet Gateway 8.5 compared to older versions?"

However, we still use OpenSSL in ITMS 8.5 and 8.6 in a few components:

  • ULM Agent,
  • Network Discovery,
  • PPA,
  • Credential Manager,
  • Ghost (and GSS).

The version of OpenSSL we use is a variant of 1.0.2.
In ITMS release 8.7 we'll start using OpenSSL 3.0..x for the ULM Agent.
For the rest of the components, we'll stay on 1.0.2 variant which is the latest available.

If you are concerned about recent OpenSSL vulnerabilities, you can check our Security advisories here for recent ones: 
https://www.broadcom.com/support/fibre-channel-networking/security-advisories 





Powered by Wolken Software