WebSEAL Configuration
As part of the FAPI conformance, the IBM Security Verify Access appliance supports Mutual TLS-based client authentication (MTLS) for confidential client authentication
About this task
To achieve FAPI MTLS on IBM Security Verify Access,
perform the following tasks:
- Disable TLS 1.0/1.1
- As part of FAPI requirement, the appliance strictly disallows TLS 1.0/1.1 connections. See Step 1: Disable TLS 1.0/1.1
- Only Allow Secure Cipher Suites
- To ensure that IBM® Security Verify Access uses only FAPI specification-compliant SSL version and ciphers for TLS Connection, see Step 2: Allow Secure Cipher Suites.