Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Concepts

Advisory Notes and Best Practices

search

Advisory Notes and Best Practices

This chapter lists some requirements and best practices with respect to security to be followed when using CT-V.

  • TLSv1.2 must be used for communication with Key Manager and database.

  • It is recommended to use obfuscated NAE and DB credentials.

  • It is recommended to avoid using cipher algorithms RSA for Key Exchange, CBC mode, SHA1 in TLSv1.2 protocol while communicating with Key Manager.

  • When using CT-V web services, it is recommended to configure only TLS to offer secure http sessions using strong SSL Cipher algorithms.

  • It is recommended to use only trusted Third party signed certificates for TLS channel.

  • CT-V supports TLSv1.3 with the CipherTrust Manager 2.16 and higher.

On this page