How is Shared Secret generated and is it specific to a machine?

Document ID : KB000051260
Last Modified Date : 14/02/2018

The shared secret value is used for communication between a web agent and a policy server.

The shared secret value is generated by the WebAgent, and then stored in the SmHost.conf file on the WebAgent side, and in the trusted host object on the policy server side.

If your WebAgent is on UNIX, the hostid of the server is used in the hash of the shared secret. This means that on a UNIX platform you must register the agent again any time you move it, so SmHost.conf files cannot be moved from one UNIX machine to another.

The shared secret that gets written to SmHost.conf is generated randomly using the encryption key stored in <SiteMinder policy server installation>\bin\EncryptionKey.txt and a session key that is encoded with unique hash bits derived from the MAC address of the machine. Thus, if the shared secret is ported to a different machine, it will not work.
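
The binding property described above, as an added Python sketch. It is not CA's code and not SiteMinder's actual algorithm, which this article does not specify. A random secret is sealed under a key derived from a site-wide encryption key and a host identifier, so a copied value fails to open on another machine. The HMAC-based construction, the function names and the sample key and MAC values are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def host_key(encryption_key: bytes, host_id: bytes) -> bytes:
    """Derive a per-machine key from the site-wide key and a host identifier."""
    return hmac.new(encryption_key, b"host-binding|" + host_id, hashlib.sha256).digest()

def seal(secret: bytes, encryption_key: bytes, host_id: bytes) -> bytes:
    """Return nonce || ciphertext || tag, usable only with the same host_id."""
    if len(secret) != 32:
        raise ValueError("this sketch handles exactly 32-byte secrets")
    key = host_key(encryption_key, host_id)
    nonce = os.urandom(16)
    # One HMAC-SHA256 output serves as a 32-byte pad for the 32-byte secret.
    pad = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(secret, pad))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(blob: bytes, encryption_key: bytes, host_id: bytes) -> bytes:
    """Recover the secret, or raise ValueError if the blob was sealed elsewhere."""
    if len(blob) != 80:
        raise ValueError("malformed blob")
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    key = host_key(encryption_key, host_id)
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # A different host identifier yields a different key, so the tag fails.
        raise ValueError("host identifier mismatch: re-register the agent")
    pad = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))

def demo() -> dict:
    encryption_key = b"constructed-site-key"   # constructed sample value
    host_a = b"00:11:22:33:44:55"              # constructed host identifier
    host_b = b"66:77:88:99:aa:bb"              # constructed host identifier
    secret = os.urandom(32)
    blob = seal(secret, encryption_key, host_a)
    same_host = unseal(blob, encryption_key, host_a) == secret
    try:
        unseal(blob, encryption_key, host_b)
        moved = True
    except ValueError:
        moved = False
    return {"same_host": same_host, "moved": moved}

if __name__ == "__main__":
    print(demo())
```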