3.4 TLS Encryption

ZENworks Orchestrator 1.3 uses Transport Layer Security (TLS) to provide encryption for both user and agent connections. By default, both the Orchestrator Agent and the Orchestrator Clients use TLS to initiate their connections to the Orchestrator Server, and then the server specifies whether to “fall back” to plain text or continue the session fully encrypted.Although you can manually configure the agent and clients to either always require TLS encryption or to fully disable TLS encryption, we recommended that you leave the agents and clients in their default configuration, and then use the Orchestrator Console on the server to specify the default behavior. This is the purpose of the TLS Options section on the main server tab of the Orchestrator Console.

Figure 3-1 TLS Options in the Orchestrator Console

Here, there are 4 levels that you can set separately for both agent connections and user/client connections:

In addition to these settings for TLS configuration, there are files that need to be protected on both the server and on the client/agent. For more information, search for the TLS Certificate Installation On ZENworks Orchestrator article at the Novell Cool Solutions Community.