7.8.3 Configure Reflection X Advantage to Connect to PKI Services Manager

Reflection X Advantage needs to connect to Reflection PKI Services Manager for host certificate verification. The procedure for configuring this connection depends on whether you are running in standalone or domain mode.

  • In standalone mode, use X Manager to configure the connection to PKI Services Manager. This connection must be configured individually on each computer running X Manager.

  • In domain mode, you need to use the Administrative Console to configure the connection to PKI Services Manager. This enables you to configure the connection once for all domain users. The connection information is used for all Secure Shell client connections in the domain that require host certificate authentication.

Before you begin

To configure X Manager to connect to PKI Services Manager

  1. Start X Manager.

  2. From the Tools menu, click Secure Shell Host keys.

  3. Click the PKI Configuration tab.

  4. For PKI server, specify the host name or IP address of the computer running PKI Services Manager. (You can specify localhost if you're running X Manager and PKI Services Manager on the same computer.)

    NOTE:If PKI Services Manager is configured to use a non-default port, include the port value using hostname:port syntax. For example acme.com:18081.

  5. Click Download key. This retrieves the public key from the specified PKI server and displays a dialog box that allows you to confirm this identity. To compare the presented fingerprint with the actual PKI Services Manager key open the PKI Services Manager console on the PKI server, and go to Utility> View Public Key.

    When you click Yes to accept the key, the key is imported into the Reflection X Advantage database.

To configure a X Manager for Domains to connect to PKI Services Manager

  1. Start the Administrative Console.

  2. Click the Domain Composition tab.

  3. For PKI server, specify the host name or IP address of the computer running PKI Services Manager. (You can specify localhost if you're running the Reflection X Advantage domain controller and PKI Services Manager on the same computer.)

    NOTE:If PKI Services Manager is configured to use a non-default port, include the port value using hostname:port syntax. For example acme.com:18081.

  4. Click Download key. This retrieves the public key from the specified PKI server and displays a dialog box that allows you to confirm this identity. To compare the presented fingerprint with the actual PKI Services Manager key open the PKI Services Manager console on the PKI server, and go to Utility> View Public Key.

    When you click Yes to accept the key, the key is imported into the Reflection X Advantage database.