Last update:
Last verified version: AMC 3.2.1
Customer Modification Policy
All certificates and keys, except the Web UI certificate, are system-managed and should not be replaced by customers.
These certificates are integral to AMC's secure communication architecture; modifying them may disrupt system functionality.
Certificate Functions
server.pem
Handles the web user interface communication and HTTPS connections to the AMC web interface.
client-service.pem
Functions as the TLS server certificate for agent communication. This certificate listens on port 443 and manages all communications between AMC and connected agents.
master-service.pem
Serves as the TLS server certificate for communication between AMC and Master ASGARD instances. This certificate listens on port 5443 and facilitates secure data exchange between these systems.
ca.pem
Acts as the Certificate Authority for the system, establishing the root of trust for certificate validation.
Certificate Management
Generation and Installation
The master-service.pem certificate is automatically created during AMC installation.
Certificate Verification with Master ASGARD
Certificate verification works bidirectionally:
-
AMC side: Uses
master-service.pemas its server certificate -
Master ASGARD side: Stores the peer certificate in its database after the first successful TLS handshake with AMC