BigMemory 4.3.7 | Product Documentation | BigMemory Max Security Guide | Using Encrypted Keychains | Securing with the TMS
 
Securing with the TMS
If you are using the Terracotta Management Server (TMS), you must set up JMX authentication. Every node in the cluster must have the following entry in its keychain, all locked with the identical secret:
jmx:net.sf.ehcache:type=RepositoryService
In addition, server-server REST-agent communication must also be authorized using a keychain entry using the format jmx://<user>@<host>:<group-port> .
Add entries to the keychain file as described in Setting up the Server Keychain, but avoid using the -O flag when using the keychain script.
For example, to create an entry for server2 in server1's keychain, use:
tools/security/bin/keychain.sh server1keychain.tkc
jmx://server2username@172.16.254.2:9530
Each server must have an entry for itself and one for each other server in the TSA.