McAfee EPOLICY ORCHESTRATOR 4.5 Product Manual page 45
Hide thumbs
Also See for EPOLICY ORCHESTRATOR 4.5:
- Installation manual (30 pages) ,
- Release note (10 pages) ,
- Supplement manual (15 pages)
Table of Contents
Advertisement
Configuring ePolicy Orchestrator
Security keys and how they work
2
Next to Local master repository key pair, click Export Key Pair. The Export Master
Repository Key Pair dialog box appears.
3
Click OK. The File Download dialog box appears.
4
Click Save, browse to a location that is accessible by the other servers, where you want
to save the zip file containing the secure-communication key files, then click Save.
5
Next to Import and back up keys, click Import . The Import Keys wizard opens.
6
Browse to the zip file containing the exported master repository key files, then click Next.
7
Verify that these are the keys you want to import, then click Save.
The imported master repository key pair replaces the existing key pair on this server. Agents
begin using the new key pair after the next agent update task runs. Once the master repository
key pair is changed, an ASSC must be performed before the agent can use the new key.
Using master repository keys in multi-server environments
Use this task to ensure that agents 3.6 and later can use content originating from any ePO
server in your environment.
The server signs all unsigned content that is checked in to the repository with the master
repository private key. Agents use repository public keys to validate content that is retrieved
from repositories in your organization or from McAfee source sites.
The master repository key pair is unique for each installation of ePolicy Orchestrator. If you use
multiple servers, each uses a different key. If your agents can download content that originates
from different master repositories, you must ensure that agents (version 4.0 and later) recognize
the content as valid.
You can ensure this in two ways:
• Use the same master repository key pair for all servers and agents.
• Ensure agents are configured to recognize any repository public key that is used in your
environment.
The following process exports the key pair from one ePO server to a target ePO server, then,
at the target ePO server, imports and overwrites the existing key pair.
Before you begin
McAfee recommends that you back up the existing master repository key pair on the target
ePO server before overwriting it with an imported master repository key pair.
You must have permission to access and write to the target ePO server before starting this
process.
Task
For option definitions, click ? in the interface.
1
On the ePO server with the master repository key pair, click Menu | Configuration |
Server Settings, select Security Keys from the Setting Categories list, then click Edit.
The Edit Security Keys page appears.
2
Next to Local master repository key pair, click Export Key Pair. The Export
Agent-Server Communication Keys dialog box appears.
3
Click OK. The File Download dialog box appears.
4
Click Save, then browse to a location on the target ePO server to save the zip file.
McAfee ePolicy Orchestrator 4.5 Product Guide
45
Advertisement
Table of Contents
