Hello,

 

Following technote 

 

How do we disabled the old TLS protocols for the R – CA Knowledge 

 

Is there the same for 12.8 version of adminUI ? 

I tried to modify the /opt/application/CA/siteminder/adminui/standalone/configuration/standalone-full.xml and remove the TLSv1.1 protocol as above

 

<https-listener enabled-cipher-suites=”SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA” enabled-protocols=”TLSv1.2″ name=”https” security-realm=”SSLRealm” socket-binding=”https”/>

 

I deleted the deloy/data folder re-register the adminUI, But I’m still able to connect with TLS 1.1

 

openssl s_client -connect <adminui-ip>:8443 -tls1_1

 

Any idea ?

 

Thank you,

Julien.


Source: New feed
{pubDate}

Leave a Reply

Your email address will not be published. Required fields are marked *