Configuring agents or repeaters to authenticate incoming requests with client-side certificates (Windows)

Use this procedure to update the rscd entry in each agent's secure file so it reads as follows:

rscd:port=4750:protocol=5:tls_mode=encryption_and_auth:encryption=tls

After agents are provisioned with the SHA1 fingerprint of an Application Server's self-signed certificate, the secure files on those agents must be updated so tls_mode=encryption_and_auth. This setting requires client authentication via client-side certificates.

To modify the rscd entry in the secure file on each targeted agent, use Network Shell to enter the following secadmin command:

secadmin -m rscd -p 5 -T encryption_and_auth -e tls

Tip

You can also run this command using nexec from the Application Server (using nexec <hostname> secadmin ...) or by using a NSH script job.

This procedure is also necessary if you are configuring a repeater to authenticate incoming requests from an Application Server.

Was this page helpful? Yes No Submitting... Thank you

Comments