Message Level Encryption question on server to relay communication

(imported topic written by Justin-B)

I am planning on enabling the message level encryption, but I was wondering: since the main BigFix server would be doing the decryption, would the communication to the relays be plain text? Or would the relays also have the public key and use the Message Level Encryption for communication?

Thank you,

Justin

(imported comment written by SystemAdmin)

This depends on how you configure MLE.

https://www.ibm.com/developerworks/mydeveloperworks/wikis/home/wiki/Tivoli%20Endpoint%20Manager/page/Message%20Level%20Encryption?lang=en

By default, it seems that MLE keeps the data encrypted from the client through the Relay until it reaches the Main Server. This is why the Main Server needs to have enough processor capacity to handle the client loads (article lists recommendations). You can offload the decryption to Relays so that the messages are decrypted at the Relay before being sent in “clear text” to the Main Server. Read the section “Enabling Decrypting Relays (optional)”.

(imported comment written by Justin-B)

I saw that, but since the main server decrypts the message, how does it communicate back with the relays? Is that communication in plain text?

(imported comment written by Bhushan Chirmade)

Why do you think it will be in plain text? AFAIK, communication in both directions is encrypted.

(imported comment written by Justin-B)

If my setup has 3 relays and 1 root server, and the root server is decrypting all the traffic, how do the relays know the information? It would have to get decrypted at the root server and then communicated to the relays…

The root server to relays information is encrypted? Sounds like a no, but there is no sure answer.