MIDserver with Self-hosted instance

Hank Woo
Tera Guru

Hi All,

 

Our customer planning to use self-hosted instance because of security policy.

 

As I know, MID server has to open outbound connection to 

https://install.service-now.com

https://servicenow-instance

http://oscp.entrust.net

 

Can't make outbound connection to install.servicenow.com and oscp.entrust.net

 

Is it possible to create mid without that outbound connections?

1 ACCEPTED SOLUTION

SELECT Username
ServiceNow Employee
ServiceNow Employee

Yes.  You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223

 

With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.

 

Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.

View solution in original post

1 REPLY 1

SELECT Username
ServiceNow Employee
ServiceNow Employee

Yes.  You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223

 

With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.

 

Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.