7.5.1 Why were the cryptographic modules changed?

Management and Security Server uses both internal and third-party FIPS-certified cryptographic libraries to perform various keystore and TLS operations.

In anticipation of the RSA BSAFE cryptography library reaching End of Primary Support (EOPS) in January 2017, Management and Security Server was re-configured to use the Bouncy Castle provider for keystore operations.

We also want to allow all customers to more easily use TLS 1.2 without requiring PKI Manager. The cryptographic changes support that ability.