1.0 Introduction
1.1 Audience
1.2 Overview
1.3 The Chain of Trust
1.4 Deployment Scenarios
1.5 Workflow
2.0 Cloud Integrity Technology Components
2.1 Attestation Server
2.2 Trust Agent
3.0 Cloud Integrity Technology Setup
3.1 Installing the Attestation Server
3.1.1 Package Dependencies
3.1.2 Supported Operating Systems
3.1.3 Recommended Hardware
3.1.4 Installation
3.2 Installing the Trust Agent
3.2.1 Installing the Trust Agent - RHEL
3.2.1.4 Installation
Prerequisites Packages Installation
Updating GRUB2 Menu
3.2.1.5 Firewall Configuration
3.2.1.6 Trust Agent Installation
3.2.2 Installing the Trust Agent - Ubuntu
3.2.2.4 Installation
Prerequisites Packages Installation
Updating GRUB2 Menu
3.2.2.5 Firewall Configuration
3.2.2.6 Trust Agent Installation
3.2.3 Installing the Trust Agent - Windows
3.2.3.1 Supported Operating Systems
3.2.3.2 Package Dependencies
3.2.3.3 Prerequisites
3.2.3.4 Installation
4.0 Getting Started
4.1 Portal Overview
4.2 Whitelist
4.2.1 Importing Whitelist MLEs
4.2.2 Importing Whitelist MLE Values from a Windows Trust Agent Host
4.2.3 Importing Whitelist MLE Values from a KVM or Xen Trust Agent Host
4.2.4 Importing Whitelist MLE Values from a Citrix Xen Trust Agent Host
4.2.5 Importing Whitelist MLE Values from an ESXi Trust Agent Host
4.2.6 Edit/View MLE
4.2.7 Edit OS
4.2.8 Edit OEM
4.3 Host Management
4.3.1 Importing Hosts
4.3.2 Registering Hosts Using a Flat File
4.3.3 Registering ESXi Hosts by Cluster
4.3.4 Manual Host Registration
4.3.5 Trust Dashboard
4.3.6 Trust Assertion Details
4.3.7 Trust Report
4.3.8 Asset Tag Visibility and Attestation
4.3.9 Bulk Trust Refresh
4.3.10 Reports
4.3.11 Administration
4.3.11.1 User Account Registration
4.3.11.2 Description of Cloud Integrity Technology Roles
4.3.11.3 New User Creation
4.3.11.4 View Certificates
4.3.11.5 TLS Policy Management
5.0 Configuration
5.1 PCR Definitions
5.2 Tested Platforms
5.3 Whitelisting Guidelines
5.4 MLE Administration
5.5 TLS Policy Overview
5.5.1 TLS Policy Types
5.5.2 Policy Scope
5.5.3 Default Policy Selection
5.5.4 Cloud Integrity Technology 1.x Behavior
5.6 Database Configuration for Remote Database Servers
5.7 SSL Changes from CIT 1.x to CIT 2.x
5.8 Command-Line Interface
5.8.1 Attestation Service
5.8.1.1 Check Server Version
5.8.1.2 Check Server Status
5.8.1.3 Start and Stop the Server
5.8.1.4 Change the Database Password and Update Configuration Files
5.8.1.5 Output Attestation Service SSH Key and SAML Certificate Fingerprints
5.8.1.6 Detect and Output Currently-Installed Version of and Installation Location Java
5.8.1.7 Detect and Output Currently Installed Version and installation location of Tomcat
5.8.1.8 Generate a New Tomcat SSL Certificate
5.8.1.9 Check the Status of the Tomcat Web Server
5.8.1.10 Backup and Restore All Keys, Certificates, and Secrets Used by the Attestation Service
5.8.1.11 Execute All Setup Tasks
5.8.1.12 Execute Specific Setup Tasks
5.8.1.13 Validate a Setup Task Without Executing It
5.8.1.14 Force Execution of a Setup Task Even if It is Already Validated
5.8.1.15 Continue Executing Subsequent Setup Tasks Even if One Fails
5.8.1.16 Uninstall
5.8.1.17 Help
5.8.2 Trust Agent
5.8.2.1 Start
5.8.2.2 Stop
5.8.2.3 Restart
5.8.2.4 Status
5.8.2.5 Version
5.8.2.6 Authorize
5.8.2.7 Setup
5.8.2.8 Uninstall
5.8.2.9 Help
5.9 Installation and Configuration Options
5.9.1 Attestation Service
5.9.1.1 Installation Options
5.9.1.2 Configuration Options
5.9.2 Trust Agent - Linux
5.9.3 Trust Agent - Windows
5.10 Security Configuration
5.10.1 Attestation Service
5.10.1.1 Encrypting the Configuration Files
5.10.1.2 Changing the Database Password
5.10.2 Trust Agent
5.11 High Availability Guidelines
5.11.1.1 Prerequisites
5.11.1.2 Deployment Instructions
5.11.1.3 Failover
6.1 Attestation Service
6.2 Trust Agent
6.2.1 Uninstalling the Linux Trust Agent
6.2.2 Uninstalling the Windows Trust Agent
7.0 Troubleshooting Guide
8.0 TXT/TPM Prerequisites and Activation
8.1 Trusted Boot Provisioning
8.1.1 Ubuntu
8.1.2 RHEL/Fedora/SuSe Linux
8.1.3 Microsoft HyperV 2012 Server
8.1.4 Microsoft Windows Server 2012
9.0 Frequently Asked Questions