When an RMI connection is established to the broker message server, the broker message server requests a certificate from the client to perform client authentication. The certificate is validated against the trust store for the vRealize Operations for Published Applications adapter before proceeding with the connection.

If the client does not provide a certificate, or the agent's certificate cannot be validated, the connection is rejected. When you first install the broker agent, a self-signed certificate is generated. The broker agent uses this self-signed certificate by default to authenticate to the vRealize Operations for Published Applications adapter. Because this certificate is generated dynamically, you must manually pair the vRealize Operations for Published Applications adapter and broker agent before the broker agent can communicate with the vRealize Operations for Published Applications adapter. For more information, see Certificate Pairing.