As a security enforcement, the communication between the UD Agent and the UCMDB probe should use CA signed certificates and not self-signed certificates.
So many votes! C'mon .... make this happen
It is not an option, it is a mast to have this feature.
Our bank can't pass the PCI-DSS audit due to findings on the self-signed certificate between DFP & UDAs, it should CA-Signed certificate…
Up-to UCMDB 10.32 it was described in the docs how to “Enable Secure Communication between UD agents and Data Flow Probes using CA-signed Certificates”. In newer documentation this section was skipped…
The cybersecurity team at my organization has identified this as a security vulnerability. Is it possible to have this appended to the next release? We currently have an open request to get this resolved as a hot fix (SD02904436). Has there been any traction on this request in the past few months?
We're running 2019.05 but I still have the hardening guide from 10.30 with the instructions securing the probe to UDA using a CA-signed certificate. Do you happen to know if the process will work on the later version of uCMDB?
I did see a note in the instructions that it pertained specifically to OpenSSL version 0.9.8.
Up-to UCMDB 10.32 it was described in the docs how to “Enable Secure Communication between UD agents and Data Flow Probes using CA-signed Certificates”. In newer documentation this section was skipped.
One of my customers were able to enable this feature in UCMDB 10.33 with the described procedure.