CheckServerCertificate

IT Asset Management (Cloud)

Command line | Registry

When transferring data to or from an inventory beacon using the HTTPS protocol, a web server certificate is applied to the data being transferred. All components can (and by default do) validate the public certificates received from the inventory beacon against their local copy (on Windows, in the certificate store; and on UNIX in the PEM file).

If you wish, you can use the CheckServerCertificate preference to prevent agents from performing the certificate check. (Without this check, the certificate is ignored, and the HTTPS protocol provides only encryption as security on the transfer, without validating that the agent is contacting the correct inventory beacon server.)

You can set this as a common registry entry, so that the same behavior occurs across all components; and you can override the common behavior by setting an overriding registry entry for any individual component if required. By default, this preference is set so that all components check the inventory beacon server certificate against the root CA certificate.

Values

Values / range

Boolean (True or False)

Default value

True

Example values

False

Command line

Tool

ndtrack, ndupload

Example

-o CheckServerCertificate="False"

Registry

Installed by

Manual configuration

Computer preference

[Registry]\ManageSoft\Common or [Registry]\ManageSoft\<Component>\CurrentVersion where <Component> is the registry key for an individual component.
Note: In some circumstances, only the more specific path for a specific component works.

IT Asset Management (Cloud)

Current