You are setting up a Linux host to act as an HTML 5 gateway for PSM sessions.
Which servers need to be trusted by the Linux host to secure communications through the gateway?
You are setting up a Linux host to act as an HTML 5 gateway for PSM sessions.
Which servers need to be trusted by the Linux host to secure communications through the gateway?
To secure communications through the HTML 5 gateway for PSM sessions on a Linux host, the host needs to trust both the PSM (Privileged Session Manager) and the PVWA (Password Vault Web Access) servers. The PVWA is responsible for redirecting the connections through the gateway to the PSM, which manages and monitors privileged sessions. Therefore, both PSM and PVWA are essential for the secure functioning of the HTML 5 gateway.
Haven't been able to find a direct reference however when launching an account the PVWA must be able to direct the connection through the HTML5 GW host to the PSM and my understanding is the trust is established using certificates that are imported into the /opt/cert directory during configuration. https://docs.cyberark.com/Alero/Latest/en/Content/LandingPages/LPHTML5GW.htm#:~:text=When%20an%20end%20user%20connects%20with%20an%20account%2C%20the%20PVWA%20redirects%20the%20connection%20through%20the%20gateway%20that%20is%20configured%20for%20the%20PSM%20server. https://docs.cyberark.com/PAS/Latest/en/Content/PAS%20INST/Install_PSM_HTML5_Docker.htm#Map:~:text=Place%20the%20following%20items%20in%20this%20directory%20to%20import%20them%20to%20the%20trusted%20store
https://docs.cyberark.com/Alero/Latest/en/Content/LandingPages/LPHTML5GW.htm#:~:text=The%20HTML5%20gateway%20tunnels%20the,a%20remote%20machine%20through%20PSM.