Can I upgrade a SPS component separately?

Document ID : KB000074714
Last Modified Date : 29/03/2018
Show Technical Document Details
Question:
We are running CA Access Gateway (SPS) R12.52 SP1 CR04 on Windows, and this is using Apache 2.4.12. Due to a vulnerability existing in this Apache version we would like to upgrade the Apache component to a more recent version. The same happens with OpenSSL, which is version 1.0.1o in this version.

Could we upgrade only one of these components on the CA Access Gateway (SPS) ? How?
 
Environment:
CA Access Gateway (SPS) R12.52 SP1
Answer:
CA Access Gateway (SPS) components like Apache, Tomcat or OpenSSL cannot be upgraded separately, as they are not full component deployments and it would affect many dependencies. So to upgrade any of them, you need to upgrade CA Access Gateway (SPS) to a higher CR, which includes upgraded versions for the components.
Additional Information:
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/upgrading/upgrade-ca-siteminder-sps