The 7.5 SMP Agent for Unix, Linux and Mac (ULM) uses its own certificate store.
It is possible, and sometimes required, for the ULM agent to store multiple certificates. Such instances include when the Notification Server (NS) and Site Server (SS) or Package Server (PS) use different certificates or when switching certificates on an NS or SS.
Recommended steps to add multiple certificates to a ULM client:
Additional notes:
-----BEGIN CERTIFICATE----- BASE64DATA for certificate 1 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- BASE64DATA for certificate 2 -----END CERTIFICATE-----
<CurlSSL SSLNSPublicHttpsCertFingerprint="" SSLVerifyPeer="yes" SSLVerifyHost="yes" CAInfo="/mycert.pem" CAPath=""/>
Important note regarding switching certificates on a Notification Server, Site Server, etc.:
Prior to switching certificates on an NS or SS, the new cert should be delivered to client computers to enable them to begin using the new certificate when the switch occurs. Preferably, the file with new certificates should be specified in Targeted Agent Settings CA file. Otherwise, the clients will lose connectivity to the NS/SS when the switch occurs and the certificate will have to be delivered to each client via other means to regain connectivity. Or, the agent would require an interactive configuration using "aex-configure -iconfigure". It's much better to deliver the new certificate to the ULM clients prior to enabling it on an NS or SS.
As far as I know, that now in 7.5 SP1 release, it works:
1. If NS Server and Site Server are joined in Active Directory and they are using "Internal CA" for SSL communication, then ULM managed endpoint doesn't require to perform aex-getcert command line or apply Site Server certificate via Targeted Agent Settings policy, to get "cainfo-merged.pem", for successful communication with Site Server.
2. If Site Server uses self-signed certificate, then ULM managed endpoint should apply each Site Server certificate via aex-getcert command line or via Targeted Agent Settings policy.
Just an additional information