Application Server to agent or repeater
For traffic between an Application Server and an agent or repeater, TrueSight Server Automation relies on TLS to secure communication and the following options for authenticating the Application Server host to the repeater or agent:
- Self-signed certificates — Enables agents or repeaters to authenticate Application Servers. To accomplish this, agents and repeaters are provisioned with the SHA1 fingerprints of the Application Servers' self-signed certificates.
Implementation
For implementation details, see TLS with client-side certs - Securing a Windows Application Server or TLS with client-side certs - Securing a UNIX Application Server. If you want to set up self-signed certificates for a Network Shell proxy server, use these procedures as well. The procedure is identical. - IP address — Limits incoming traffic for an agent or repeater to IP addresses of specific Application Servers.
Implementation
To implement this approach, modify the exports file on each agent or repeater. For more information, see Configuring-the-exports-file. - No authentication — By default, when an Application Server connects to an agent or repeater, no authentication occurs.
Implementation
A default installation of TrueSight Server Automation provides no authentication for this communication leg.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*