OpenSSL usage with ITMS
search cancel

OpenSSL usage with ITMS

book

Article ID: 253548

calendar_today

Updated On: 04-01-2025

Products

IT Management Suite Client Management Suite Server Management Suite

Issue/Introduction

Do we still use OpenSSL with ITMS version 8.5 and 8.6 respectively?

Environment

ITMS 8.x

Resolution

The answer to this question is both "No" and "Yes".

OpenSSL was used mainly in Apache for our IGW (Internet Gateway).

ITMS version 8.5 and higher no longer uses Apache on our Internet Gateways. See KB 185012 "What has changed in Internet Gateway 8.5 compared to older versions?"

However, we still do use OpenSSL in ITMS 8.5 and 8.6 in a few components as listed below:

  • ULM Agent,
  • Network Discovery,
  • PPA,
  • Credential Manager,
  • Ghost (and GSS).

The version of OpenSSL we use is a variant of 1.0.2.

In ITMS release 8.7 we started using OpenSSL 3.0..x for the ULM Agent.

For the rest of the components, we'll stay on the 1.0.2 variant which is the latest available.

If you are concerned about recent OpenSSL vulnerabilities, you can check our Security advisories here for recent ones: 

https://www.broadcom.com/support/fibre-channel-networking/security-advisories