After Windows 10 Update, RSA Security Console site no longer available
We are currently using RSA Authentication Manager version 8.1 in our environment.
A few of our admins ran the most recent Windows 10 update (version 1709, OS build 16299.19). After the update they can no longer reach our RSA Security Console site. They receive the error in the screenshot. All the usual tricks have been tried (clearing internet cache, enabling / disabling TLS in security settings, etc). Users who have not applied this update can access the site with no problems.
Question: is there a change that we can make to our RSA Security Console website that will make it accessible by users on the latest version of Windows 10?
- Auth Manager
- Authentication Manager
- Community Thread
- Forum Thread
- RSA Authentication Manager
- RSA SecurID
- RSA SecurID Access
AM ver. 8.1 only supports TLSv1.1, TLSv1.0 and SSLv3 for SSL sessions to the Server consoles, so if your browser is locked down to only use TLSv1.2, the connection will be refused.
Immediate problem is to get console access, so you need to either allow at least TLSv1.1
In your current browser, or if your browsers are locked down you need to find and download an older browser, something like virtual IE6.
After you get access you'll want to upgrade AM to at least AM 8.1 SP1 P15. TLSv1.2 support was introduced in AM 8.1 SP1 P3, so roll-up patch 15 will include it, and you probably cannot find P3, nor should you use a lower patch. AM 8.1 base is pretty old, so there have been a lot of bug fixes since.
There's a discussion on TLS versions, and Ciphers, in RSA link
Thanks for the quick reply Jay!
Currently I can access the console by opening the site on a Server 2008 machine, so I can run the upgrade that way. Would you recommend that we just do the upgrade to 8.2? Do we need to run intermediary patches between our version and 8.2?
Yes. Your Win2008 Server has a browser that supports TLSv1.1, and maybe less, so you can use it to upload and patch your primary, then replica