Secure default X509 certificates for all EPM-UL TLS communication
Endpoint Privilege Management for Unix and Linux 26.1
Prior to v26.1.0, a customer could forego the use of their own certificates in favor of EPM-UL’s default self-signed certificates.
Starting with v26.1.0, EPM-UL establishes a per-installation Public Key Infrastructure (PKI).
-
The first (primary/license) server generates a self-signed Root Certificate Authority (Root CA) certificate, which becomes the trust anchor for the entire installation.
-
Policy and log servers that can act as registration servers each receive a Subordinate CA certificate signed by the Root CA (or by another subordinate CA), and all servers and client endpoints receive individual CA-signed certificates for use in TLS communication.
-
Certificate and hostname validation are now fully enforced for connections using these new certificates.
Note that the new EPM-UL Public Key Infrastructure is only used in cases when the customer doesn’t use their own certificates for secure EPM-UL communication.
Continue reading HERE
Latest Available Versions
EPM for Linux Cloud 25.1.7 - December 2025
EPM for Unix and Linux 26.1 (On premise) – April 2026
BeyondInsight for Unix and Linux 26.1.0
BeeKeepers Hot Topics
Click here for the most popular discussions in BeeKeepers
Upcoming and In Case You Missed It Webinars
Upcoming Road Map: Endpoint Privilege Management Unix & Linux and Active Directory Bridge – May 5 2026
2026 February Product Road Map: Endpoint Privilege Management Unix & Linux and Active Directory Bridge
Tech Talk Tuesday: Securing "AI Coworkers" on the Endpoint
