MIDserver with Self-hosted instance

Hank Woo · ‎12-23-2024

Hi All,

Our customer planning to use self-hosted instance because of security policy.

As I know, MID server has to open outbound connection to

https://install.service-now.com

https://servicenow-instance

http://oscp.entrust.net

Can't make outbound connection to install.servicenow.com and oscp.entrust.net

Is it possible to create mid without that outbound connections?

SELECT Username · ‎12-24-2024

Yes. You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223

With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.

Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.

View solution in original post

SELECT Username · ‎12-24-2024

Yes. You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223

With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.

Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.