Configuration Tab › Mapping for Configuration Browser Tabs › Security

Security

The following fields appear on the Security tab for the selected node in the Domain hierarchy or for the selected node under Orchestrators.

Note: For the configuration procedure, see the Content Administrator Guide.

Inherit (Not applicable to the Domain level)

Specifies whether the selected node on the hierarchy inherits the values that are configured at the parent level for that node.

Values: The setting can be one of the following values:

Selected - Inherit the values

Cleared - Do not inherit the values.

Default: Selected

Note: Typically, the only value you configure at the environment level is the CA EEM Cache Update Interval. The other values are CA EEM related and are set at the installation of the Domain Orchestrator. One CA EEM serves the entire Domain.

FIPS-compliant certificate

Specifies whether the algorithms used to encrypt data that is transferred between CA EEM and CA Process Automation are 140-2 compliant.

Selected - Indicates that 140-2 compliant algorithms are used. CA EEM is configured to operate in FIPS mode.

Cleared - Indicates that MD5 algorithms are used.

CA EEM Backend Server

The name of the computer hosting the CA EEM server.

CA EEM Application Name

When you register the CA Process Automation application with CA EEM, specify a parameter named Application Name. The application is registered with CA EEM using this name.

Default: Process Automation

CA EEM Certificate Name

The name of the CA EEM certificate is required for CA Process Automation to connect to CA EEM. During the installation, one of the following certificates is uploaded.

• PAM.p12 if you cleared the FIPS-compliant certificate setting.
• PAM.pem if you selected the FIPS-compliant certificate setting.

CA EEM Certificate Password

During the registration, a password is provided if FIPS mode is not selected. This password is required to connect to the CA EEM server.

CA EEM Certificate Key

During the registration, a certificate key is provided if CA EEM FIPS mode is selected.

CA EEM Cache Update Interval (in seconds)

Specifies the interval in seconds between the CA EEM updates to its internal cache. The cache contains current settings of CA Process Automation user accounts, groups, and policies. When CA EEM updates its cache, CA EEM sends CA Process Automation the contents of the refreshed cache.

Note: Reducing the update interval when you are testing and refining custom policies makes this task go more quickly, but at the sacrifice of performance.

Default: 1800 seconds

Minimum value: 60 seconds

CA Process Automation cache of user permissions: The CA Process Automation security function gets user permissions from a secondary cache. Permissions in this cache are valid for 30 seconds. If the cache age is greater than 30 seconds, the security function requests user permissions from CA EEM. The security function then updates the secondary cache with the query results and resets the cache age. This maximum cache age is handled internally, but can be altered by adding the eem.cache.timeout parameter to the OasisConfig.properties file and setting a new value.

Default: Domain Name