How Vcm Uses Certificates; The Enterprise Certificate - VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION Manual

vCenter Configuration Manager Transport Layer Security Implementation

How VCM Uses Certificates

There are three types of certificates that enable HTTP collector-agent communications in VCM:
- Enterprise Certificate
- One or more Collector Certificates
- Agent Certificates for each Agent (used in optional Mutual Authentication)

Certificate information regarding the Enterprise and Collector certificates is collected in VCM. See Administration | Certificates.

The Enterprise Certificate

The Enterprise Certificate enables VCM to operate in a multi-collector environment. Agents have the Enterprise
Certificate in their trusted certificate stores, and can use it implicitly to validate any certificate issued by the Enterprise
Certificate. All Collector Certificates are expected to be issued by the Enterprise Certificate. This is critical in
environments where a single Agent is shared between two Collectors.
Figure 1: Dedicated Collector-Agent Relationship
The diagram above illustrates a dedicated Collector-Agent relationship. This type of environment includes two
Collectors (Collector A and Collector B) that each have a dedicated set of Agents that they collect from. Each Agent
has its Collector's Issuer (Enterprise) certificate.
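
The trust relationship described above, as an added example that is not from the VMware white paper: it uses the OpenSSL command line to model an Agent whose trust store holds only the Enterprise Certificate, and checks which Collector certificates that Agent would accept. All names, key sizes and file paths are constructed for the demonstration and say nothing about how VCM itself issues or stores certificates.

```shell
#!/bin/sh
# Added example (assumed names; requires the openssl CLI). Not VCM tooling.

make_pki() {
    dir=$1
    # Enterprise Certificate: self-signed root that issues Collector Certificates.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo Enterprise" \
        -keyout "$dir/enterprise.key" -out "$dir/enterprise.crt" 2>/dev/null
    # Collector A and Collector B: each certificate is signed by the Enterprise key.
    for name in CollectorA CollectorB; do
        openssl req -newkey rsa:2048 -nodes -subj "/CN=Demo $name" \
            -keyout "$dir/$name.key" -out "$dir/$name.csr" 2>/dev/null
        openssl x509 -req -in "$dir/$name.csr" -days 30 \
            -CA "$dir/enterprise.crt" -CAkey "$dir/enterprise.key" \
            -CAcreateserial -out "$dir/$name.crt" 2>/dev/null
    done
    # Constructed negative case: a self-signed certificate the Enterprise never issued.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=Demo Rogue" \
        -keyout "$dir/Rogue.key" -out "$dir/Rogue.crt" 2>/dev/null
}

agent_trusts() {
    # $1 = Agent trust store (the Enterprise Certificate only)
    # $2 = certificate presented by a Collector
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; then
        echo trusted
    else
        echo rejected
    fi
}

# One Agent, one trust anchor, three candidate Collector certificates.
demo_dir=$(mktemp -d)
make_pki "$demo_dir"
for c in CollectorA CollectorB Rogue; do
    echo "$c: $(agent_trusts "$demo_dir/enterprise.crt" "$demo_dir/$c.crt")"
done
rm -rf "$demo_dir"
```

The Agent never needs a copy of either Collector certificate in advance: holding the Enterprise Certificate is enough to accept both Collectors, which is what allows a single Agent to be shared between them.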
TLS Implementation for VCM
TECHNICAL WHITE PAPER / 7


This manual is also suitable for:

Vcm 5.3
