Configuring Identity Assertion

Edit online

Add the following to each server's <security> block: 

<security>
...
  <management>
    <ia> https://my-tms.mydomain.com:9443/tmc/api/assertIdentity</ia>
    <timeout>10000</timeout>
    <hostname>my-l2.mydomain.com</ hostname >
  </management> 
</security>

where:

  • <timeout> is the timeout value in milliseconds for connections from the server to the TMS.

  • <ia> is the HTTPS (or HTTP) URL with the domain of the TMS, followed by the port 9443 and the path /tmc/api/assertIdentity.

    If you are using HTTPS, which is recommended, export a public key from the TMS and import it into the server's truststore. You must also export a public key from the server and import it into the TMS's truststore, or copy the server's truststore (including the local server's public key) to the TMS.

  • <management><hostname> is used only if the DNS hostname of the server does not match server hostname used in its certificate. If there is a mismatch, enter the DNS address of the server here.

You must export a public key from the TMS.