Hi everybody
I am posting this because the generation and implementation of custom certificates is puzzling me.
Following situation:
There is an existing, productive DLP installation hosting the roles Enforce and Endpoint Prevent on one server. No custom certificate has been generated so far.
Around 200 DLP agents have been rolled out and are reporting to this server.
Now, a new remotely located detection server is added to the DLP environment. The server was added, is communicating and running properly so far. No agents have been deployed to this server yet.
Since I do not want to leave the servers communicating with the built-in certificate, a custom certificate needs to be added for the servers.
After consulting the documentation, I am now quite a bit unsure about the process of doing so:
- I only want one certificate to be generated, not various certificates. I want to use this certificate for as many future detection servers as there will be. Is this possible?
- After generating this custom certificate, do the already installed DLP agents need to be re-installed? I absolutely do not want to do this.
- As the new detection server has been added to the configuration, a new monitor*_truststore.jks and monitor*_keystore.jks file have been generated in the keystore folder - I do not really understand why.
- What happens to the *.jks-files after implementing a custom certificate? It's clear that the certificat_authority.jks will not be touched.
- To install DLP agents connecting to the new detection server, do I need to customize more than the endpoint server? The *.pem-files will be generated automatically for the correlating detection server?
If somebody could help me clarify this, I'd be grateful :)