Table of Contents
Advertisement
TLS Implementation for VCM
Delivering Initial Certificates to Agents
VCM Agents use Enterprise Certificates to validate Collector Certificates. Therefore, the Agent must have access to
the Enterprise Certificate as a trusted certificate. In most cases, VCM will deliver and install the Enterprise Certificate
as needed.
Installing the Agent from the Collector
The Enterprise Certificate is stored in the CollectorData folder on the Collector. The Enterprise Certificate is installed
when the VCM Agent is installed or upgraded with the HTTP protocol.
New Installations
In a new Agent installation, all module files will be installed. The Enterprise Certificate will be installed if and when the
EcmComSocketListenerService module is installed. If the "Enable HTTP" option is not chosen for the installation,
then the module and certificate will not be installed.
Upgrades
All upgrades of HTTP-enabled Agents from non-TLS Agents to TLS Agents receive a new version of the
EcmComSocketListenerService, and the Enterprise Certificate. This also applies to upgrades via the "License and
Install Agent on Discovered Machines" Discovery rule option (see VCM Help for more information on VCM
Discoveries."
Changing Protocols from DCOM to HTTP
Changing protocols to HTTP causes the EcmComSocketListenerService module to be installed. Since a secure
DCOM connection with the Agent exists, the current Enterprise Certificate can be delivered with the
EcmComSocketListenerService module.
Changing Protocol from HTTP to DCOM
The EcmComSocketListenerService module is uninstalled from the Agent during this operation. Since DCOM does
not use certificates, the Agent will simply stop using them. Any changes to the Enterprise Certificate will not be
automatically propagated to the Agent until HTTP is reinstated. Changing protocol from DCOM to HTTP in the future
will deliver the current Enterprise Certificate.
TECHNICAL WHITE PAPER / 15
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
Related Products for VMware VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE CONTENT REPOSITORY TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - VCENTER DISCOVERED MACHINES IMPORT TOOL GUIDE
- VMWARE VCENTER CONFIGURATION MANAGER 5.3 - SOFTWARE REQUIEREMENTS GUIDE
- VMWARE VCM 5.3 - CONFIGURATION MANAGER SECURITY ENVIRONMENT REQUIREMENTS
- VMWARE VCM 5.3 - RECOVERY GUIDE
- VMware VC-SRM4-A - vCenter Site Recovery Manager
- VMware VC-VLM4-C - vCenter Lab Manager
- VMWARE VCENTER SERVER 4.0 - UPGRADE GUIDE UPDATE 1
- VMWARE VCENTER CAPACITYIQ 1.5
- VMware vCenter ConfigurationManager 5.3
- VMWARE VSPHERE CLIENT 4.0 - UPGRADE GUIDE UPDATE 1
- VMWARE VIEW 4.5 - GUIDE DE MISE A NIVEAU
- VMware VS4-STD-C - vSphere Standard - PC
- VMWARE VSPHERE 4.0 - SOFTWARE COMPATIBILITY MATRIX
- VMware vShield Endpoint 1.0
- VMware vSphere vCenter Server 4.0
Need help?
Do you have a question about the VCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION and is the answer not in the manual?
Questions and answers