Configuring agents or repeaters to authenticate incoming requests with client-side certificates (Windows)
Use this procedure to update the rscd entry in each agent's secure file so it reads as follows:
After agents are provisioned with the SHA1 fingerprint of an Application Server's self-signed certificate, the secure files on those agents must be updated so
tls_mode=encryption_and_auth. This setting requires client authentication via client-side certificates.
To modify the
rscd entry in the secure file on each targeted agent, use Network Shell to enter the following
secadmin -m rscd -p 5 -T encryption_and_auth -e tls
You can also run this command using nexec from the Application Server (using
nexec <hostname> secadmin ...) or by using a NSH script job.
This procedure is also necessary if you are configuring a repeater to authenticate incoming requests from an Application Server.