Securing communication between product components
You can secure communication between the TrueSight Capacity Optimization components by using Transport Layer Security (TLS) version 1.2 with server certificate validation.
The components might act as a client or a server based on the context of communication. To achieve TLS mode of communication, the security certificates need to be authenticated between a client and a server. If a component is operating as a client, it requires a truststore to verify a server certificate.
The server certificate must be a certificate that is signed by a certification authority (CA) that your organization recommends. The security administrator of your organization can provide you the required CA-signed certificate or you can create a request to obtain a signed certificate from a CA.
You can switch from the default inter-component security configuration to TLS 1.2 configuration after you install the product components. There are different communication channels established between the TrueSight Capacity Optimization components. You must perform the TLS configurations per communication channel.
For detailed instructions, see the following topics:
- Enabling TLS server certificate validation between the Remedy SSO Server and the Application Server
- Enabling TLS server certificate validation between the Presentation Server and the Application Server
- Enabling TLS server certificate validation between internal Oracle database and product components
- Enabling TLS server certificate validation between internal PostgreSQL database and product components
- Enabling TLS server certificate validation between external database and product components
- Enabling TLS server certificate validation among the internal product components
- Enabling TLS server certificate validation between the Gateway Server and the Application Server
Where to go from here
Installing a CA-signed certificate into the embedded web server
Was this page helpful? Yes No
Submitting...
Thank you
Comments