Enable TLS 1.2

The Okta Provisioning Agent requires that you enable version 1.2 of the Transport Layer Security (TLS) protocol on the systems where you install the agent.

Enable TLS 1.2 on Linux

To enable TLS version 1.2, you must access the Java Control Panel to change the JRE.

  1. Download and install the Okta Provisioning Agent. See Install the Okta Provisioning Agent.
  2. Edit /opt/OktaProvisioningAgent/conf/settings.conf.
  3. Change the arguments passed to the agent by adding Dhttps.protocols=TLSv1.2 to JAVA_OPTS, similar to the following:JAVA_OPTS="-Xmx4096m -Dhttps.protocols=TLSv1.2"
  4. Save settings.conf.

Enable TLS 1.2 on Windows

TLS version 1.2 is enabled by default on most Windows systems.

Systems running earlier versions, such as Windows Server 2012 (non-R2), may not have TLS 1.2 enabled. To enable TLS 1.2 on those systems, see How to enable TLS 1.2.

Next steps

Install the Okta Provisioning Agent