Server Automation: SA 10.51 Agent change the default TLS setting from 1.0 to 1.2

Server Automation: SA 10.51 Agent change the default TLS setting from 1.0 to 1.2

0 Votes
  • Brief Description:

Server Automation: SA 10.51 Agent change the default TLS setting from 1.0 to 1.2

  • Benefits / Value

This should be done for all linux and windows agent.

TLS 1.0 is unsafe and need to be disable and we should enable TLS 1.2 by default.

  • Design details

    Implementation should be done with a new agent bundle or script which change the default config file of the agent 

3 Comments
Honored Contributor.. SPierce1 Honored Contributor..
Honored Contributor..

I think this was already done with agent bundle 76832.1

  QCCR1D243075 - Set min_ssl_protocol_version default to tlsv1.2 for agent

This agent bundle also added the "cipherlist" paramater to the agent config which allowed for removal of ciphers that don't meet your compliance needs

Micro Focus Expert
Micro Focus Expert

The most recent hotfix rollups for SA 10.51 and SA 10.60 available on https://softwaresupport.softwaregrp.com/ have agents with “min_ssl_protocol_version: tlsv1.2” in agent.args.

Hotfix rollup for SA 10.51: https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/-/facetsearch/document/KM03162835

Hotfix rollup for SA 10.60: https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/-/facetsearch/document/KM03147201

Thanks Adrian for the update

Micro Focus Expert
Micro Focus Expert
Status changed to: Already Offered
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.