Securing Communication over TLS 1.2 - IDM Linux Fanout Driver

  • 7024871
  • 19-Oct-2020
  • 19-Oct-2020


Identity Manager Driver - Linux and UNIX - Fan Out
Platform Agents
Core Driver


Security Requirements for TLS 1.2 Communication between Platform agents and Core Driver


Recent versions of both the Core Driver and the Platform agents are required to allow for TLS 1.2 communication.
By default, the Core Driver and Platform agent will communicate over TLS 1.2 if both ends support it.

At the time of writing of this TID, the lowest combination tested that communicated over TLS 1.2 was:

IDM Engine - 4.6.2
Core Driver - novell-DXMLfandrv-
Platform Agent -

This combination successfully communicated over TLS 1.2, and it is assumed that later versions of any of the above components will continue to do so.

Confirmation can be accomplished by analyzing a LAN trace of the communications.
For example, at either the Platform agent or the Core Driver end, a capture can be taken with "tcpdump -i any port 3451 -s 0 -w nameoftrace.cap"
and analyzed to determine the actual communications. Below is a capture of the traffic using Wireshark.
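
The version check made on the trace can also be scripted. The following is an added example, not part of the original TID or the product: it reads the negotiated version out of the ServerHello bytes sent by the accepting side. It assumes the port 3451 connection starts with a TLS handshake record, and the function names and sample bytes are constructed for illustration.

```python
import struct

# Wire codes for protocol versions (SSL 3.0 through TLS 1.3).
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
            0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def negotiated_version(payload: bytes) -> str:
    """Version chosen by the ServerHello at the start of `payload`."""
    if len(payload) < 5 or payload[0] != 0x16:
        raise ValueError("payload does not start with a TLS handshake record")
    rec_len = struct.unpack("!H", payload[3:5])[0]
    body = payload[5:5 + rec_len]
    if len(body) < 4 or body[0] != 0x02:
        raise ValueError("first handshake message is not a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:
        raise ValueError("truncated ServerHello")
    # server_version is what settles TLS 1.2 and below; the record-layer
    # version in bytes 1-2 of the record header is not the negotiated one.
    version = struct.unpack("!H", hello[:2])[0]
    pos = 34 + 1 + hello[34]          # skip version, random, session_id
    pos += 3                          # skip cipher_suite, compression_method
    # TLS 1.3 also sends 0x0303 in server_version and carries the real
    # version in the supported_versions extension (type 43).
    if pos + 2 <= len(hello):
        end = min(len(hello), pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0])
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
            if ext_type == 43 and ext_len == 2 and pos + 6 <= end:
                version = struct.unpack("!H", hello[pos + 4:pos + 6])[0]
            pos += 4 + ext_len
    return VERSIONS.get(version, f"unknown (0x{version:04x})")

def build_server_hello(version: int, extensions: bytes = b"") -> bytes:
    """Constructed sample data: a minimal ServerHello record (not captured traffic)."""
    hello = struct.pack("!H", version) + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    if extensions:
        hello += struct.pack("!H", len(extensions)) + extensions
    msg = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16" + struct.pack("!HH", 0x0303, len(msg)) + msg

SAMPLE_TLS12 = build_server_hello(0x0303)
SAMPLE_TLS10 = build_server_hello(0x0301)
SAMPLE_TLS13 = build_server_hello(0x0303, struct.pack("!HHH", 43, 2, 0x0304))

if __name__ == "__main__":
    for name, data in [("TLS12", SAMPLE_TLS12), ("TLS10", SAMPLE_TLS10), ("TLS13", SAMPLE_TLS13)]:
        print(name, "->", negotiated_version(data))
```

A result of "TLS 1.0" or "TLS 1.1" for a real connection means one end fell back below the TLS 1.2 requirement and its component version should be checked.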