Does the APM Websphere Agent support TLS 1.1/1.2 if configured on the WAS server?


Article ID: 14705


Updated On:


CA Application Performance Management Agent (APM / Wily / Introscope) INTROSCOPE


    This is the first time that this has been documented. It is based on what is understood after reviewing APM documents and having lengthy conversations with APM Engineering. This may not cover all aspects of this issue properly. In the near future, this is very likely to be revised with a more detailed explanation.

Could you please confirm if TLS 1.1/1.2 is supported with WebSphere APM Agent (WAS) and CA APM for Web Servers?


All APM releases running WebSphere Application Server or CA APM for Web Servers. The customer asking the question had APM WAS Agent using 10.3 under CentOS7.3.


CA WebSphere APM Agent (WAS) over CentOS does not use the TLS/SSL version configured on the WebSphere Application Server.  APM only does byte code instrumentation of JAVA classes, generates performance metrics and report them to the CA APM Enterprise Manager server. 

Note that typically an application relies on the operating system to determine the cryptography of the connection including the TLS released used.

Additional Information


 The CA APM for Web Servers supports only SSL v3.0 and TLS v1.0 protocols. You cannot monitor the IIS web server running over PCT 1.0 or the SSL v2.0 protocol.