Infrastructure Management Server installs a SSL-enabled Apache Server. The SSL Web server uses a self-signed certificate that must be replaced before HTTPS protocol is used.
SSL connection support requirements
Infrastructure Management supports 128-bit encryption of the SSL (secure socket layer) scheme. However, the following rules apply:
- Only the following connections are secured:
- Agent to Agent Controller
- Administration Console to JServer
- HTML client (browser) to web server
- Certificate Revocation (CRL) is not implemented.
- All agents and remote modules share the same key pair and certificate.
- By default, all customers are shipped the same keys and certificates.
- All keys and certificates have a validity period of 5907 days from the start date: 6/11/2014.
- Only JKS (shipped with the JRE) key store format is supported.
- By default, the server allows both authenticated and non-authenticated connections. However, that can be changed through a property.
- Manual steps are required on the remote modules before they can use certificates issued by a different CA. No support is provided for this.