| Warning |
|---|
Arellia Agent Installation WILL FAIL if you have not installed all of the prerequisites! See /wiki/spaces/AMS/pages/1153427 before continuing! |
During installation of the Arellia Agent the following changes will be made to the target client machine:
...
- Certificate must belong in the Local Machine store and be issued to the hostname or FQDN of the client machine
- If there are certificates that specify a Subject Alternative Name whose DNS Name matches the machine FQDN they will also be considered
- Certificate intended purpose must be for All Purposes or Client Authentication
- Certificate chain must only contain trusted Certification Authorities
- Certificate must have a private key that LocalSystem and the Administrators group can read
In the case of multiple certificates meeting the above criteria the following selection priority will be used:
Priority 1 Certificates issued by a trusted Certification Authority to FQDN of client machine Priority 2 Certificates issued by a trusted Certification Authority to hostname (or FQDN using Subject Alternative Name) of client machine Priority 3 Self-signed certificates issued to FQDN of client machine Priority 4 Self-signed certificates issued to hostname (or FQDN using Subject Alternative Name) of client machine
If multiple certificates are match the same priority level the certificate with the longest validity from the current date will be selected.
If after evaluating all of these criteria no certificate is identified as a candidate the Arellia Agent installation will generate its own trusted self-signed certificate. This certificate will be valid for a period of 5 years.
For more information about Arellia Agent Installation, go to Arellia Agents Home