Skip to Content
Information

This site will undergo a brief period of maintenance on Friday, 18 December at 12:30 AM Central/12:00 PM IST. During a 30 minute window, site availability may be intermittent.

Information
Space banner This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.

Enabling agents to connect SSL-enabled master servers

For all communication, BMC Client Management (BCM) uses secure connections by using SSL through the Open SSL Library. A Private Key Infrastructure (PKI) must be created and maintained for each environment of the BCM infrastructure. The PKI environment includes a Root CA for issuing server certificates that are required by BCM agents to securely connect to the BCM servers.

When an agent connects to an SSL-enabled BCM server, it receives the server certificate issued by the Root certificate CA.For example, when an agent connects to the Master server, it receives the Master_Server_certificate. The agent might also receive a certificate chain up to the root certificate. Agents must trust the certificate to connect to the server. If the agent trusts the Root CA, all other certificates issued by that certificate issuing authority are automatically trusted. 


Related topics

Configuring-SSL-for-BMC-Client-Management

Managing-security

Configuring-SSL-for-BMC-Client-Management

To simplify this process ensure that a rule is set to trust the issuing authority of the received certificate, which for BCM is Cert_Root_CA. 

Starting with version 12.6, the following REST Web service can be used to retrieve the root certificate, Cert_Root_CA:

https://server_IP_or_name:port/raw/1/cacert

where server IP or name is the IP address or name of the BCM server. 

This Web service is available on any BCM agent and is expected to return the CA certificate in DER format (binary encoded).

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Client Management 12.8