Trusted Host Configuration

Agent Guide › SiteMinder Agent Installation and Configuration Files › Modify Configuration Files › Trusted Host Configuration

Trusted Host Configuration

The SmHost.conf file results from a successful registration of a unique host name as a trusted host. The SiteMinder Agent installation program automatically launches the smreghost registration tool, which in turn creates the SmHost.conf file and places it in the ASA_HOME/conf folder.

Sample SmHost.conf file:

hostname="dualsol184-asa60"
hostconfigobject="cadell2k24"
policyserver="138.42.223.24,44441,44442,44443"
requesttimeout="60"
sharedsecret="{RC2}3gpfTl6uQY7BrzXbQ88G3be50bR6JGYn/oXpjLrWH2sX4eRvn4aQ5987RXeis
COH2/v5bz2Q/1/k4+N2zNgysHSEdHDWjXWAReRUxPT3gUFBoOxllQ1pKdunZa/Pbm+fwIKOl83goIyLe
WGXDuSfo9EeW7Mj+GKGI6JbXlYE2PjwiDdDTjpQomxpTXwUqSFr"
sharedsecrettime="1167758161"

Note: For information about trusted hosts and the parameters in the file, see the SiteMinder Web Agent Installation Guide.

Note: To register a trusted host outside the SiteMinder Agent installation process, run smreghost through the command line.

A trusted host is a client that is registered with the Policy Server and is, therefore, allowed to connect to the Policy Server. You can modify Trusted Host configuration settings in two places:

Host Configuration file (SmHost.conf)—holds initialization parameters for the Trusted Host. Once the Trusted Host connects to a Policy Server, the Trusted Host uses the settings in the Host Configuration Object named in the hostconfigobject parameter of SmHost.conf.
Host Configuration Object—holds parameters for a Trusted Host. Except for initialization parameters, Trusted Host parameters are always maintained in a Host Configuration Object.

The following describe the parameters in the SmHost.conf file and the Host Configuration Object, respectively.

Note: For information about setting these parameters, see the SiteMinder Policy Server Configuration Guide.

Parameter	Description	Default Value
CryptoProvider	Specifies the encryption method used for hardware encryption	BSAFE
HostName	A unique name that represents the host to the Policy Server	The name you specify when you register the trusted host.
PolicyServer	The server IP address and port numbers for the Policy Server that the Trusted Host accesses	The IP address and port numbers that you specify when you register the trusted host.
RequestTimeout	Specifies the number of seconds that the Trusted Host waits before deciding that a Policy Server is unavailable.	60
SharedSecret	An automatically generated encryption key used for encrypting traffic between the trusted host and the Policy Server. Important! Do not change the shared secret.	N/A

Note: You cannot modify the cryptoprovider or hostname parameters directly. For information about changing these parameters, see the SiteMinder Web Agent Installation Guide.

Parameter	Description	Default Value
EnableFailover	Determines which operation mode the Trusted Host uses to work with the Policy Server.	N/A
HostConfigObject	The name of the Host Configuration Object specified in the Policy Server	The name you specify when you register the trusted host.
MaxSocketPerPort	Defines the maximum number of TCP/IP connections used by the Trusted Host to communicate with the Policy Server.	20
MinSocketPerPort	Determines the number of TCP/IP connections open for SiteMinder services when you start up Policy Server services.	2
NewSocketStep	Specifies the number of TCP/IP connections that the Agent opens when new connections are required.	2
PolicyServer	The server IP address and port numbers for the Policy Server that the Trusted Host accesses	The IP address and port numbers that you specify when you register the trusted host.
RequestTimeout	Specifies the number of seconds that the Trusted Host waits before deciding that a Policy Server is unavailable.	60

Email CA about this topic