Update an existing Okta RADIUS Agent

RADIUS agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. versions 2.2.0 and later are enabled with SSL pinning, providing an extra layer of security. SSL pinning is not enabled by default for current users upgrading to the new agent. If upgrading from an agent version prior to v2.2.0, do the following after the upgrade.

Warning: The following steps should not be performed for agents on a network containing a web security appliance.

  1. Open the folder where the Okta RADIUS agent resides. The default installation folder is C:\Program Files (x86)\Okta\Okta RADIUS Agent\.
  2. From this folder, navigate to current\user\config\radius\config.properties. Before making changes, we recommend creating a back up of this file. Using a text application such a Notepad, open the file current\user\config\radius\config.properties residing in the Okta RADIUS agent installation folder.
  3. Append the following line to the end of the file: ragent.ssl.pinning = true
  4. Save the file.
  5. Restart the Okta RADIUS Agent service using the available Windows administrative tools.

This process restricts agent communication to only servers which can present valid certificates with public keys known to the new agents.

Note: See below for information on other configuration properties settings.