Update an existing Okta RADIUS Agent
RADIUS agent versions 2.2.0 and later are enabled with SSL pinning, providing an extra layer of security. SSL pinning is not enabled by default for current users upgrading to the new agent. If upgrading from an agent version prior to v2.2.0, do the following after the upgrade.
Warning: The following steps should not be performed for agents on a network containing a web security appliance.
- Open the folder where the Okta RADIUS agent resides. The default installation folder is C:\Program Files (x86)\Okta\Okta RADIUS Agent\.
- From this folder, navigate to current\user\config\radius\config.properties. Before making changes, we recommend creating a back up of this file. Using a text application such a Notepad, open the file current\user\config\radius\config.properties residing in the Okta RADIUS agent installation folder.
- Append the following line to the end of the file: ragent.ssl.pinning = true
- Save the file.
- Restart the Okta RADIUS Agent service using the available Windows administrative tools.
This process restricts agent communication to only servers which can present valid certificates with public keys known to the new agents.
Note: See below for information on other configuration properties settings.