The SSL protocol of the Integrity Lifecycle Manager Agent provides robust security for access across the Internet. When users connect through SSL, the connection ensures privacy, authentication, and message integrity.

The SSL protocol enables encrypted, authenticated communication across the Internet. In an SSL connection, the Integrity Lifecycle Manager Agent must have a security certificate. Each side then encrypts the data it sends ensuring the information can only be read by the intended recipient.

The Integrity Lifecycle Manager Agent complies with US Encryption Export Control Regulations. By default, the encryption strength for the SSL is 128 bit encryption.

To use the Integrity Lifecycle Manager Agent with SSL enabled, you must obtain a certificate for the machine running the Integrity Lifecycle Manager Agent. If you have an existing certificate, you can use it by importing it into the keystore (see “Configuring Integrity Lifecycle Manager Agent for Your Integrity Server”). To create a new certificate to be signed by a Certificate Authority (CA) such as VeriSign (http://www.verisign.com), see “Creating Signed Integrity Lifecycle Manager Agent Certificates”.

The following are possible scenarios for using Integrity Lifecycle Manager Agent certificates:

Before you can secure SSL connections, you must get an Integrity Lifecycle Manager Agent certificate for the machine running the Integrity Lifecycle Manager Agent. If you have an existing Integrity Lifecycle Manager Agent certificate, see “Integrity Lifecycle Manager Agent Configuration”.

SSL connections are enabled when you configure the appropriate property keys in:

where installdir is the Integrity Lifecycle Manager Agent installation directory.

To enable SSL, set the following property key:

A value of 0 disables the SSL connection.

You must also set a password for the following property key:

where keystore Password is the password used during certificate creation (see “Creating Signed Integrity Lifecycle Manager Agent Certificates”).