Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Rashi Chhabra (Rashi_Chhabra)
Chhabra

Chhabra
IN
Rashi_Chhabra Member since 2017 22 posts
Chhabra
Posted: Sep 8, 2020
Last activity: Sep 22, 2020
Posted: 8 Sep 2020 6:44 EDT
Last activity: 22 Sep 2020 3:37 EDT
Closed

Which security protocol does Pega follow?

All,

We have an application team which is connecting to Pega from a dotnet script and they have configured ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

 

We want to make sure it matches the protocol we have. Can you confirm?

 

Thanks.

***Edited by Moderator: Pallavi to update platform capability tags***  

To see attachments, please log in.
Pega Platform 8.1.3
System Administration
Security
System/Cloud Ops Administrator

Posted: 4 years ago
Posted: 18 Sep 2020 12:10 EDT
Eric Rietveld (Eric Rietveld) Principal System Architect
Pegasystems Inc.
NL

Hi,

All modern version of Pega support TLS1.2. External components like loadbalancers that do TLS offloading could however have different configurations, but most support TLS1.2 these days.

Please never use the unsecure SSL3 and only configure the highest protocol, meaning only select SecurityProtocolType.Tls12.

Since you're working on securing your connections, let me recommend to also investigate the cypher suits that you're supporting over TLS and also finetune security for outbound connectivity. (In your Connect- rules look for Lowest allowable SSL/TLS version)

Eric

 

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice