Versions Compared

Old Version 1

changes.mady.by.user Stonebranch

Saved on

compared with

New Version Current

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Option

Keyword

Values

Description

ENABLE_SSL

N/A

YES

Prior to Universal Agent 7.0.0.0, ENABLE_SSL was a configurable value that allowed the SSL/TLS protocol to be disabled for network communication between UAG and OMS.

Starting with Universal Agent 7.0.0.0, the ability to configure this option was removed and SSL/TLS is always used for UAG/OMS communication.

MIN_SSL_PROTOCOL

min_ssl_protocol

TLS1_0 or TLS1_2,
(default = TLS1_2)

Specifies the minimum SSL/TLS protocol level that will be negotiated and used. This also can be set in the OMS server configuration; both the OMS server and OMS clients must contain at least one common protocol in order to successfully communicate. You should be aware that older versions may not support TLS1_2.

SSL_CIPHER_LIST

ssl_cipher_list

list of cipher suites

Specifies one or more acceptable cipher suites to use for network communication. You should review this list and adjust it in order to enforce the level of encryption to suit your security policy requirements. This also can be set in the OMS server configuration; both the OMS server and OMS clients must contain at least one common cipher suite in order to successfully communicate. You should be aware that different versions may not support all of the same cipher suites.

...

Universal Controller Configuration: opswise.properties

Property

Desscription

/wiki/spaces/UC71x/pages/5177877uc.trustmanager.ssl.protocols

Comma-separated list of SSL/TLS protocols that can be negotiated and used. This also can be set in the OMS server configuration; both the OMS server and OMS clients must contain at least one common protocol in order to successfully communicate. You should be aware that older versions may not support TLS1_2.

...

OMS Server Certificate Configuration: ubroker.conf

Option

Keyword

Description

CERTIFICATE

certificate

Specifies the location of the file that contains the PEM-formatted X.509 certificate.

PRIVATE_KEY

private_key

Specifies the location of the PEM-formatted file that contains the RSA private key associated with OMS Server's UBROKER X.509 certificate.

PRIVATE_KEY_PWD

private_key_password

If the RSA private key requires a password or passphrase; specifies that password or passphrase.

...

Option

Keyword

Values

Description

SSL_SERVER_AUTH

ssl_server_auth

YES or NO,
(default = NO)

Specifies whether or not UAG authenticates the OMS server certificate as part of the SSL handshake.

...