Use Master Repository keys in multi-server environments

Make sure that agents can use content originating from any McAfee ePO server in your environment using Server Settings.

The server signs all unsigned content that is checked in to the repository with the Master Repository private key. Agents use repository public keys to validate content that is retrieved from repositories in your organization or from McAfee source sites.

The Master Repository key pair is unique for each installation of McAfee ePO. If you use multiple servers, each uses a different key. If your agents can download content that originates from different Master Repositories, you must make sure that agents recognize the content as valid.

You can complete this process in two ways:

  • Use the same Master Repository key pair for all servers and agents.

  • Make sure that agents are configured to recognize any repository public key that is used in your environment.

This task exports the key pair from one McAfee ePO server to a target McAfee ePO server, then, at the target McAfee ePO server, imports, and overwrites the existing key pair.

Task

  1. On the McAfee ePO server with the Master Repository key pair, select MenuConfigurationServer Settings, select Security Keys from the Setting Categories list, then click Edit.
  2. Next to Local master repository key pair, click Export Key Pair, then click OK.
  3. In the File Download dialog box, click Save.
  4. Browse to a location on the target McAfee ePO server to save the .zip file. Change the name of the file if needed, then click Save.
  5. On the target McAfee ePO server where you want to load the Master Repository key pair, select MenuConfigurationServer Settings, select Security Keys from the Setting Categories list, then click Edit.
  6. On the Edit Security Keys page:
    1. Next to Import and back up keys, click Import.
    2. Next to Select file, browse to and select the master key pair file you saved, then click Next.
    3. If the summary information appears correct, click Save. The new master key pair appears in the list next to Agent-server secure communication keys.
  7. From the list, select the file you imported in the previous steps, then click Make Master. This setting changes the existing master key pair to the new key pair you imported.
  8. Click Save to complete the process.