...
Option | Keyword | Values | Description |
|---|---|---|---|
ENABLE_SSL | N/A | YES | Prior to Universal Agent 7.0.0.0, ENABLE_SSL was a configurable value that allowed the SSL/TLS protocol to be disabled for network communication between UAG and OMS. Starting with Universal Agent 7.0.0.0, the ability to configure this option was removed and SSL/TLS is always used for UAG/OMS communication. |
min_ssl_protocol | TLS1_0 or TLS1_2, | Specifies the minimum SSL/TLS protocol level that will be negotiated and used. This also can be set in the OMS server configuration; both the OMS server and OMS clients must contain at least one common protocol in order to successfully communicate. You should be aware that older versions may not support TLS1_2. | |
ssl_cipher_list | Specifies one or more acceptable cipher suites to use for network communication. You should review this list and adjust it in order to enforce the level of encryption to suit your security policy requirements. This also can be set in the OMS server configuration; both the OMS server and OMS clients must contain at least one common cipher suite in order to successfully communicate. You should be aware that different versions may not support all of the same cipher suites. |
...
OMS Server Certificate Configuration: ubroker.conf
Option | Keyword | Description |
|---|---|---|
certificate | Specifies the location of the file that contains the PEM-formatted X.509 certificate. | |
private_key | Specifies the location of the PEM-formatted file that contains the RSA private key associated with OMS Server's UBROKER X.509 certificate. | |
private_key_password | If the RSA private key requires a password or passphrase; specifies that password or passphrase. |
...
Option | Keyword | Values | Description |
|---|---|---|---|
ssl_server_auth | YES or NO, | Specifies whether or not UAG authenticates the OMS server certificate as part of the SSL handshake. |
...