1 Reply Latest reply on Jan 13, 2014 5:40 AM by rackroyd

    Agent key updater...what is it needed for?


      What is the ePO agent key updater? What is it's purpose and use?


      if I am not changing my ePo server and jsut updating the agent on client machines, is it needed as well?

        • 1. Re: Agent key updater...what is it needed for?

          Not necessarily required, what it essentially does it tell an agent to go fetch whatever public key is designated as 'master'.


          Per the ePO product guide:


          Agent-server secure communication (ASSC) keys are used by the agents to communicate securely with the server.

          You can make any ASSC key pair the master, which is the key pair currently assigned to all deployed agents. Existing agents that use other keys in the Agent-server secure communication keys list do not change to the new master key unless there is a client agent key updater task scheduled and run.


          One example of when it would have been advisable was during upgrade from MA 4.0 to 4.5/4.6. At that time the key size also increased from 1024bit to 2048Bit.


          If you were looking to remove legacy agent-server keys for some reason, it would be one step in the process to run the key updater task to ensure agents moved from legacy keys so that when the legacy key is removed from ePO those agents still communicate.


          this is why it's an optional download.