2.2. Post Installation Configuration

Following a default installation, SGD is configured to use secure connections. However, there are some optional post-installation tasks that you might want to do to improve security.

The following table includes some topics for post-installation tasks.

Table 2.2. Optional Post-Installation Tasks

Topic

More Information

Secure communications. During installation, a Secure Sockets Layer (SSL) certificate is installed and the SGD server is configured to use SSL for secure communications. Following installation, you might want to use a different SSL certificate.

For example, if you do not specify certificate details during installation, a self-signed SSL certificate is created and installed automatically. If you are using SGD in a production deployment you must replace any self-signed certificates with certificates signed by a recognized Certificate Authority (CA).

Caution

Only use self-signed SSL certificates in a test environment. For a production deployment, always use certificates signed by a recognized CA.

Cryptographic algorithms. You can configure SGD to use cryptographic algorithms that meet your security needs.

Protecting sensitive data. Files that contain sensitive information have restrictive permissions by default. You may want to review the file permissions to suit your security policy.

SGD Gateway. The SGD Gateway is a proxy server specially designed to improve the security of an SGD installation.