You configure encryption settings when you install CA ControlMinder. After installation, you can use the sechkey utility to change SSL encryption. You may also need to change the value of configuration settings.
Important! To avoid communication problems, use the same encryption method on all computers that run CA ControlMinder components.
To enable SSL encryption
If you are changing the encryption settings on a CA ControlMinder Enterprise Management Server, also stop the CA ControlMinder Web Service.
Specify this value if you want to enable both symmetric and SSL encryption. This value lets the computer communicate with all CA ControlMinder components.
Note: If you specify this value, CA ControlMinder uses SSL encryption each time that it tries to communicate with another CA ControlMinder component. If SSL fails, it then uses symmetric encryption. This value lets you migrate your CA ControlMinder deployment from a symmetric encryption environment to an SSL encryption environment.
Specify this value to enable SSL encryption only. This value lets the computer communicate with only the CA ControlMinder components that use SSL encryption.
Note: (Windows) If you are working with a third-party program that uses the CA ControlMinder SDK, the crypto section is located at the CA ControlMinder SDK registry path that you defined during installation.
Note: If you do not configure SSL encryption further, you can use the default CA ControlMinder X.509 certificates to encrypt and authenticate communication between CA ControlMinder components. However, we recommend that you change the default certificates instead.
SSL encryption is enabled.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|