Yubico Validation and Cipher Support Update
You received an update from Yubico noting that they are ending support for their v1 token validation and older TLS cipher suites. You want to ensure this will not break anything with PortalGuard's integration for YubiKey support.
Verify the configured 'Validation URL' within the PortalGuard 'Bootstrap Configuration' and ensure you are using the latest version of the PortalGuard software.
Check the Validation URL:
- Navigate to the PortalGuard server and open the PortalGuard Configuration Editor.
- Click on the 'Edit Bootstrap' button.
- Navigate to the 'Services' tab and choose the 'H/W Tokens' sub-tab.
- On the 'YubiKey' sub-tab, verify the 'Validation URL' is configured to utilize the '2.0' API:
- The 'Set Default URL' button will default to this URL when clicked as well.
- Save these settings if any changes had been made.
- If necessary, click on the 'Apply to PortalGuard Server' button.
- Click the 'Sync' button.
Confirm PortalGuard Version for Cipher Support:
PortalGuard has defaulted to using TLS 1.2 since Version 220.127.116.11 - released in April 2016. Any customer on an earlier version will need to upgrade to the latest version of PortalGuard to ensure stronger cipher support. To determine your PortalGuard version, please follow the steps below:
- Navigate to the PortalGuard server and use the File Explorer to navigate to the Program Files\PistolStar\PortalGuard\Bin folder.
- Locate the 'pg.dll' file.
- Right-click the file and choose 'Properties'.
- Navigate to the 'Details' tab.
- Ensure that you are utilizing a version later than v5.3
- Click 'OK' and locate the 'PG_IdP.dll' file
- Using the steps above, confirm the version of this file as well.
- If necessary, please reach out to firstname.lastname@example.org or submit a support ticket to schedule an upgrade.
REV. 12/2018 | PortalGuard