Encryption - RSA SecurID Authentication API for Authentication Agents
We are in the process of enabling the RSA Secure ID Authentication REST API. Since this is a fairly new technology, we would like to get confirmation from you that even without enabling HMAC for authentication agents, that the communication between the client and the RSA infrastructure is encrypted.
In our specific case, the client is a VMware UAG appliance that requires both the Access Key and the RSA SSL server certificate to establish connection to the RSA server. We basically want to confirm that even without enabling HMAC for authentication agents, the network traffic will be encrypted using the provided the RSA SSL server certificate.
We use the imported root certificate for authentication, not encryption. We use the certificate presented on port 5555 (if you are using Authentication Manager) for encryption or 443 (if you are using the Cloud Authentication Service).