SM Fat Client Security & Communication protocols

HP Service Manager allows Customers to configure Secure Sockets Layer (SSL) encryption for all network communications between clients and servers except between SCAuto TCP communications. Out-of-box, Service Manager provides a demonstration server certificate that customers can use for SSL encryption. To implement addition SSL options, such as host verification and client certificates, a customer will need to install your own SSL certificates.

The HP Service Manager server now encrypts all operator passwords stored on the database using a SHA512 one-way encryption process that cannot be decrypted. Service Manager clients use a two-way encryption process (PBE with MD5 and DES) to secure operator passwords when communicating with the server. The server decrypts the password sent from the client and then one-way encrypts it to compare the results to the encrypted value stored in the database. The server never stores the operator password in an unencrypted form.

If a custonmersâ s Service Manager implementation uses LDAP authentication, the server must still send an unencrypted operator password to the directory service because LDAP servers are unaware of Service Managerâ s encryption scheme. If you require encryption between Service Manager and the LDAP server, you can configure OpenSSL or another standard encryption scheme between the two servers.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s