Tranquil IT Forum

Good morning,

To begin, here is my setup:

• WAPT version installed: 2.4

• Server OS: Debian GNU/Linux 11 (bullseye)

• Operating system of the administration/package creation machine: Windows 11

• An Nginx PM acting as a reverse proxy

I have two questions, one of which is very simple, but I can't find an answer despite my research.

Question 1:
Is it possible to enable and use Kerberos authentication without Active Directory?

Question 2:
Context :
We currently have several sites without MPLS, so I would like to make the WAPT server accessible from the internet.
To do this, I'm using Nginx PM and my router routes all traffic to this Nginx PM. Furthermore, I'd prefer not to create a DMZ.
Everything works, it's perfect, but everyone can access the WAPT web page via browser.

I would like to block access to the web page but still allow agents to communicate with the WAPT server

How can I do it?
(I've already seen this topic, it's not exactly the same context:) viewtopic.php?t=3430 )

Thanks in advance

Hello,

after reading many forum topics and documentation, I've decided to implement certificates.
To access the WAPT console, I'm using the domain contoso.mydomain.fr, which is associated with a Let's Encrypt certificate.

However, I'm having trouble understanding how to implement a client certificate.
Where should I configure them: "Tools - Preferences - Check HTTPS Server Certificate," during WAPT agent creation, or during the initial configuration?
How do I generate them: from a client using commands like "wapt-get enable-check-certificate" and "wapt-get restart-waptservice," or on the server?

I'm completely lost.

Thank you for your help.