CheckServerCertificate
Command line | Registry
When transferring data to or from an inventory beacon using the HTTPS protocol, a web server certificate is applied to the data being transferred. All component agents can (and by default do) validate the public certificates received from the inventory beacon against their local copy (on Windows, in the certificate store; and on UNIX in the PEM file).
If you wish, you can use the CheckServerCertificate
preference to prevent agents from performing the certificate check. (Without this check, the
certificate is ignored, and the HTTPS protocol provides only encryption as security on the
transfer, without validating that the agent is contacting the correct inventory beacon server.)
You can set this as a common registry entry, so that the same behavior occurs across all agents; and you can override the common behavior by setting an overriding registry entry for any individual agent if required. By default, this preference is set so that all agents check the inventory beacon server certificate against the root CA certificate.
Values
|
Values / range |
Boolean ( |
|
Default value |
|
|
Example values |
|
Command line
|
Tool |
ndtrack, ndlaunch, ndupload |
|
Example |
|
Registry
|
Installed by |
Manual configuration |
|
Computer preference |
[Registry]\ManageSoft\Common or
[Registry]\ManageSoft\<Agent>\CurrentVersion
where <Agent> is the registry key for an
individual component.Note: In some circumstances, only the more specific path for a
specific component works.
|
FlexNet Manager Suite (On-Premises)
2020 R2