SSL connection support requirements

Infrastructure Management supports 128\-bit encryption of the SSL (secure socket layer) scheme. However, the following rules apply:

• Only the following connections are secured:
  • Agent to Agent controller
  • Administration Console to JServer
  • HTML client (browser) to web server
• Certificate Revocation (CRL) is not implemented.
• All agents and remote modules share the same key pair and certificate.
• By default, all customers are shipped the same keys and certificates.
• All keys and certificates have a validity period of 5907 days from the start date: 8/24/2010.
• Only JKS (shipped with the JRE) key store format is supported.
• By default, the server allows both authenticated and non-authenticated connections. However, that can be changed through a property.
• Manual steps are required on the remote modules before they can use certificates issued by a different CA. No support is provided for this.