NFA 9.3.8 enhanced support for TLS 1.2 for HTTPS Connections

Document created by Christopher_Walsh Employee on Feb 27, 2018
Version 1Show Document
  • View in full screen mode

NFA 9.3.6 introduced TLS 1.2 support for mysql communications.

 

NFA 9.3.8 allows now now to disable weaker protocols to ensure TLS 1.2 is used in accessing NFA through the web page.

 

See the links below:

For Certificate setup see: Generate or Configure Certificates for Use by CA Network Flow Analysis - CA Network Flow Analysis - 9.3.8 - CA Technolog…   Note if you are using CA provided certs see the bottom of this link as most of the steps are for Self Signed Certificates.

 

For enabling HTTPS for IIS and the SSO login page see: Enable HTTPS for CA Network Flow Analysis - CA Network Flow Analysis - 9.3.8 - CA Technologies Documentation 

 

For restricting HTTPS to using TLS 1.2 see: Enable TLS 1.2 for HTTPS Connection - CA Network Flow Analysis - 9.3.8 - CA Technologies Documentation 

 

For disabling weak cyphers in the registry see: Security Settings for Protection Against BEAST and Weak Diffie-Hellman Moduli - CA Network Flow Analysis - 9.3.8 - CA Te… 

 

For enabling TLS 1.2 communication for MySql communication between console and harvesters see: Enable TLS for MYSQL Connections - CA Network Flow Analysis - 9.3.8 - CA Technologies Documentation 

Attachments

    Outcomes