Administration → Secure Socket Layer (SSL) Configuration → Configuring Mutual Authentication Mode
In mutual authentication mode, communications are encrypted as usual, but users are also required to authenticate themselves by providing digital certificates. A digital certificate is a cryptographically signed document intended to assure others as to the identity of the certificate's owner. Deployment Automation certificates are self-signed.
When mutual authentication mode is active, Deployment Automation uses it for JMS-based server/agent communication. In this mode, the Deployment Automation server provides a digital certificate to each agent, and each agent provides one to the server. This mode can be implemented during server/agent installation, or activated afterward.
To activate this mode, the Deployment Automation server provides a digital certificate to each local agent and agent relay, and each local agent and agent relay provides one to the server.
Agent relays, in addition to swapping certificates with the server, must swap certificates with the remote agents that will use the relay. Remote agents do not have to swap certificates with the server, just with the agent relay they will use to communicate with the server.
This mode can be implemented during installation or activated afterward.
To prepare for using mutual authentication, follow the following procedures in order:
Copyright © 2011–2017 Serena Software, Inc. All rights reserved.