- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-23-2024 11:54 PM
Hi All,
Our customer planning to use self-hosted instance because of security policy.
As I know, MID server has to open outbound connection to
https://install.service-now.com
Can't make outbound connection to install.servicenow.com and oscp.entrust.net
Is it possible to create mid without that outbound connections?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2024 09:09 AM
Yes. You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223
With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.
Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2024 09:09 AM
Yes. You'll have to disable OCSP checks, which aren't really recommended...but more on that here:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1216223
With no access to install.service-now.com, your MIDs won't be able to auto-update...you'll want to pin them and have a plan to update them manually after each patch release.
Ultimately, your security team will have to determine whether disabling certificate checks and auto upgrades is more or less risk to your business than opening access for the MIDs to those URLs.