CA Client Automation uses X.509 certificates for authentication between its client processes and any service that requires authentication. For example, X.509 is used when the software delivery component connects to its parent scalability server
A CA Client Automation installation comes with a set of default standard certificates signed by a CA root certificate. The public root certificate is installed on every node within the enterprise.
We strongly recommend that each enterprise create and deploy its own root certificate, Basic Host Identity (BHI) certificates, and application-specific certificates.
For details on creating end user-specific certificates see CA Client Automation Security Features.
To create new certificates using the cacertutil tool, you must install at least one component (Explorer, Asset Management agent, and so on). The cacertutil tool is in the bin folder under the DSM installation directory.
After having created your own specific certificates, replace the default standard certificates inside the install image with your new certificates before starting any installation or deployment of DSM components.
After replacing the certificates within the install image, installation or deployment can start as usual.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|