Security Concept for the ServiceManager
The ServiceManager is a powerful application to manage components (such as the Automation Engine processes or Agents) by starting, stopping and accessing them from a central point.
As of version 12.2, the ServiceManager uses TLS 1.2 and CAPKI to establish secure connections to its clients, the ServiceManager - Service, the ServiceManager - Dialog Program, the ServiceManager - Command Line Program (CLI) and the Server Processes of the Automation Engine. Therefore, you need to install CAPKI on all computers in which any of the mentioned components run.
More information:
- CAPKI - Securing the ServiceManager
- ServiceManager - Service
- ServiceManager - Command Line Program (CLI)
- Server Processes
The ServiceManager clients do not validate any certificate by default. To enable certificate validation, you need to create a folder which contains all certificates the component should consider as trusted. The default path for this folder is defined in the component's INI file: cert_trusted_folder=.\trusted.
To secure the ServiceManager from unauthorized access you can protect it with passwords. If you set a password, each request has to be authenticated with this password.
A password has to be set for each ServiceManager instance, so you can use different passwords for each ServiceManager service.
To Set a Password
- Open the ServiceManager dialog.
- Left-click on the icon in the title bar to open the menu.
- Select Change password. Enter and confirm it.
- Click OK.
See also: