SM Fat Client Security & Communication protocols


HP Service Manager allows Customers to configure Secure Sockets Layer (SSL) encryption for all network communications between clients and servers except between SCAuto TCP communications. Out-of-box, Service Manager provides a demonstration server certificate that customers can use for SSL encryption. To implement addition SSL options, such as host verification and client certificates, a customer will need to install your own SSL certificates.

The HP Service Manager server now encrypts all operator passwords stored on the database using a SHA512 one-way encryption process that cannot be decrypted. Service Manager clients use a two-way encryption process (PBE with MD5 and DES) to secure operator passwords when communicating with the server. The server decrypts the password sent from the client and then one-way encrypts it to compare the results to the encrypted value stored in the database. The server never stores the operator password in an unencrypted form.

If a custonmersâ s Service Manager implementation uses LDAP authentication, the server must still send an unencrypted operator password to the directory service because LDAP servers are unaware of Service Managerâ s encryption scheme. If you require encryption between Service Manager and the LDAP server, you can configure OpenSSL or another standard encryption scheme between the two servers.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s