Enabling TLS 1.2 for PATROL Agent to Integration Service communication
By default, the PATROL Agent communicates using either Transmission Control Protocol (TCP) or Secure Sockets Layer (SSL) protocol, but you can configure PATROL Agents to enable TLS 1.2 mode.
The following process workflow guides you to configure the PATROL Agent to Integration Service communication to be TLS compliant:
- Ensure that the signed certificates are generated for the Integration Service and imported into the PATROL Agent's client DB certificate store.
To generate signed certificates for the Integration Service, see Implementing-private-certificates-in-the-Integration-Service. - Ensure that the PATROL Agent and the TrueSight Integration Service are running at the same security level.
To change the PATROL Agent's security level, see Changing the PATROL Agent's security level.
To change the Integration Service's security level, see Changing the Integration Service's security level.
- Configure the PATROL Agent to Integration Service communication to enable TLS mode.
- Run the set_unset_tls command in the PATROL Agent
- Run the set_unset_tls_is command in the Integration Service
For details, see Configuring-the-PATROL-Agent-to-Integration-Service-communication-to-enable-TLS-1-2.
Update the PATROL Agent's registry files.
For details, see Updating the PATROL Agent registry files.Update the Integration Service's registry files.
For details, see Updating the Integration Service registry files.
Where to go from here
For more information about how to configure other communication channels to enable TLS 1.2, see Configuring-TrueSight-Infrastructure-Management-to-enable-TLS-1-2.