Posts by Viji


    Like you mentioned , the certificates that allows clients which are MA managed, are exchanged between the connected ePO servers.

    Regarding the Open CA, since there is currently no easy ways for admins to see open clients especially from other ePO servers. So this was intentionally not exchanged.

    When you import the certificate, it is visible in the UI and the admin is aware.

    If you see a use case where this will be needed in a production environment , we can consider ways to make this easier.



    Due to security reasons, there is no automated way to do this and the steps depend on how you provisioned your certificate.

    1. If you used your own CA/certificate then you have to upload it to the other ePO in Server Settings->DXL Certificates (Third Party).

    You have to wake up all the brokers in the other ePO to update their keystore.

    2. If you used the dxlclient provisionconfig , then your certificate is signed by the OpenCA and you can only get that from the DXL Broker keystore.

    You can get that from any broker from the other ePO that you want to connect to so it does require an administrator to get that file.

    If you would like to take this approach then let us know and we can provide more steps.




    If your request is timing out, you can try increasing the timeout of the sync_request as shown below.

    1. res = client.sync_request(req, timeout=60). # This will wait for 60 seconds to get a response

    If the above does not work and you want to make an async_request , you have to create a callback and invoke it as shown below

    1. client.async_request(request, MyResponseCallback())

    For more details look at this example of invoking an async_request.

    The bootstrap currently only has sync_request but it is not hard to modify your code to make it async.