RMI servers provide a certificate that the agents use to authenticate the Horizon adapter. Broker agents use SSL/TLS client authentication with a certificate that the Horizon adapter uses to authenticate the broker agents. Desktop agents provide tokens that the Horizon adapter uses to authenticate the desktop agents.
To increase security, you can replace the default self-signed certificates that the Horizon adapter and broker agents use. You can also reissue desktop authentication tokens.