4.6. Configuring SSL Connections with the TPS


By default, the TPS communicates with the Enterprise Security Client over standard HTTP. It is also possible, and in many situations desirable, to secure the TPS-client communications by using HTTP over SSL (HTTPS).
The Enterprise Security Client has to have the CA certificate for the CA which issued the TPS's certificates in order to trust the TPS connection. From there, the Enterprise Security Client can be configured to connect to the TPS's SSL certificate.
  1. Download the CA certificate used by the TPS.
    1. Open the CA's end user pages in a web browser.
      https://server.example.com:9444/ca/ee/ca/
    2. Click the Retrieval tab at the top.
    3. In the left menu, click the Import CA Certificate Chain link.
    4. Choose the radio button to download the chain as a file, and remember the location and name of the downloaded file.
  2. Open the Enterprise Security Client.
  3. Import the CA certificate.
    1. Click the View Certificates button.
    2. Click the Authorities tab.
    3. Click Import.
    4. Browse to the CA certificate chain file, and select it.
    5. When prompted, confirm that you want to trust the CA.
  4. The Enterprise Security Client needs to be configured to communicate with the TPS over SSL; this is done by setting the Phone Home URL, which is the default URL the Enterprise Security Client uses to connect to the TPS.
  5. Insert a new, blank token into the machine.
    Blank tokens are unformatted, so they do not have an existing Phone Home URL, and the URL must be set manually. Formatted tokens (tokens can be formatted by the manufacturer or by your IT department) already have the URL set, and thus do not prompt to set the Phone Home URL.
  6. Fill in the new TPS URL with the SSL port information. For example:
    https://server.example.com:7890/cgi-bin/home/index.cgi
  7. Click the Test button to send a message to the TPS.
    If the request is successful, the client opens a dialog box saying that the Phone Home URL was successfully obtained.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.