Specifying the AT-TLS configuration file based on Policy Agent role
The Policy Agent can act as a policy server, a policy client, or neither. For more information on these different roles, see Policy types and infrastructure overview. Regardless of which option is used to configure AT-TLS policies, the resulting configuration files need to be specified using different statements, depending on the role of the Policy Agent.
- If you are using the Policy Agent as a policy client that retrieves AT-TLS policies from the policy server, specify the configuration files using the DynamicConfigPolicyLoad statement on the policy server.
- If you are using the Policy Agent as a policy client, but the policy client does not retrieve AT-TLS policies from the policy server, specify the configuration files using the TTLSConfig statement on the policy client.
- If you are not using a policy client/policy server environment, specify the configuration files using the TTLSConfig statement on the single Policy Agent.
When this information refers to configuration files, keep in mind where the files should exist, based on the role of the Policy Agent.