Enable the Transport Layer Security 1.2 protocol

The Transport Layer Security (TLS) v1.2 protocol is required to install the Linux and Windows Okta ProvisioningProvisioning is the enterprise-wide configuration, deployment, and management of multiple types of IT system resources. Specifically, provisioning provides users access to equipment, software, or services. This involves creating, maintaining and deactivating required business process automation objects and attributes in systems, directories, and applications. AgentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations.. If you've already enabled the TLS.1.2 protocol, see Install the on-premises provisioning agent.

Linux

To enable TLS version 1.2, you must access the Java Control Panel to change the JRE.

  1. Download and install the Okta Provisioning Agent. See Install the Okta Provisioning Agent.
  2. Navigate to …/opt/OktaProvisioningAgent/conf/settings.conf
  3. In settings.conf, change the arguments passed to the agent by adding:

    Dhttps.protocols=TLSv1.2 to JAVA_OPTS.

    JAVA_OPTS="-Xmx4096m -Dhttps.protocols=TLSv1.2

Windows

To enable TLS version 1.2, you must access the Java Control Panel and enable TLS 1.2.

  1. Download and install the Okta Provisioning Agent. See Install the Okta Provisioning Agent.
  2. Navigate to C:\Program Files\Okta\OktaProvisioningAgent\current\jre\bin and double-click javacpl to open the Java Control Panel.
  3. On the Java Control Panel, click the Advanced tab.
  4. In Advanced Security Settings, select TLS 1.2.
Top