The Security Policy value in the Encryption tab (see Encryption tab) determines whether encryption is required to communicate with the server.
To activate or deactivate encryption
- Log on to the appropriate BMC Remedy AR System server.
- Open the AR System Administration Console.
- Click System > General > Server Information.
- In the AR System Administration: Server Information form, click the Encryption tab.
In the New Encryption Settings area, select one of these options in the Security Policy list:
Centralized configuration setting
This is the default for BMC Remedy Encryption Performance Security and BMC Remedy Encryption Premium Security FIPS noncompliance.
Clients with and without encryption installed can communicate with the server.
Network traffic is encrypted only if the client supports the server encryption configuration.
Otherwise, network traffic is exchanged in plain text.
This is the default for BMC Remedy Encryption Performance Security and BMC Remedy Encryption Premium Security FIPS compliance.
Only clients with encryption installed can communicate with the server.
The encryption level installed on the client (standard, BMC Remedy Encryption Performance Encryption, or BMC Remedy Encryption Premium Encryption) must be compatible with the encryption algorithms used by the server.
This is the default for standard encryption.
Whether encryption is installed on a client or not, communication with the server is not encrypted. Network traffic is exchanged in plain text.
Encrypt-Security-Policyentry is missing from the configuration file, encryption is also deactivated.
See Security policy impact on client-server communication for Security policy planning information.
- (Optional) In the Data Key Details area, change the defaults. See Configuring the data key.
- (Optional) In the Public Key Details area, change the defaults. See Configuring the public key.
- (Optional) Activate FIPS compliance. See Configuring the data key.
- Click Apply.
- Restart the server.
- Relog on to any clients that are connected to the server.