Once all related configuration settings have been created, X.509 certificates can be enrolled onto the server hosts.
The Management Server triggers the certificate enrollment on each host. The Management Agent generates a key pair and a PKCS#10 certificate request for the private key. The Management Server verifies that the certitificate request matches the configuration and enrolls the certificate. The Management Server sends the certificate issued by the CA, in this case the SSH Tectia Manager Internal CA, to the Management Agent which will install the certificate and restart/reconfigure SSH Tectia Server. The success status of the operation is sent back to the Management Server from each host, and the server hosts are now ready for certificate authentication. See Figure 5.23.
Figure 5.23. Server host certificate deployment
Copyright 2010 SSH Communications Security Corp. This software is protected by international copyright laws. All rights reserved. Contact Information
Highlights from the SSH.COM blog:
Cryptomining with the SSH protocol: what big enterprises need to know about it
Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency. Read more
SLAM the door shut on traditional privileged access management
Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity? Read more
We broke the IT security perimeter
Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so. Read more