You are not logged in.

Announcement

 Téléchargez la dernière version stable de GLPI      -     Et vous, que pouvez vous faire pour le projet GLPI ? :  Contribuer
 Download last stable version of GLPI                      -     What can you do for GLPI ? :  Contribute

Pages: 1

#1 2023-11-26 10:17:42

InvisibleJim
Member
Registered: 2023-11-26
Posts: 14

Help Understanding Correct SSL Settings for GLPI Agent

I have been struggling for some time to understand the SSL settings on the GLPI agent configuration. The documentation states that setting no-ssl-check to 1 is insecure and shouldn't be used in a production environment but after extensive searching on the web, I am not clear on some of the details of the correct configuration.

- What is the purpose of the certificate and how does it improve security? Is it used to (1) authenticate the agent to the server when submitting inventory or to (2) verify the server to the agent when running server initiated tasks like deploy?
- My GLPI server has a LetsEncrypt certificate. If case (2) what are the settings for he agent to trust the Letsencrypt certificate?
- Otherwise, is a dedicated CA/PKI infrastructure required?

Thanks in advance for anyone who can enlighten me.

Offline

#2 2023-12-22 18:13:27

Ragnarok
Member
Registered: 2019-10-28
Posts: 44

Re: Help Understanding Correct SSL Settings for GLPI Agent

no-ssl-check is for you self-signed certs or cert that you do not have the CA on the agent computer.

So, if you are using letsencrypt the no-ssl-check must be 0  (or not set)

This is for the agent verify the server certificate.

Offline

Pages: 1

Board footer

Powered by FluxBB