From 9e85be82026f416d0b0a3e149d0fc537f8c75b23 Mon Sep 17 00:00:00 2001 From: Michal Filka Date: Fri, 26 Apr 2024 10:01:29 +0200 Subject: [PATCH] Note about websocket --- doc/agama-security.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/agama-security.md b/doc/agama-security.md index 7e863fb8c1..6b749878a4 100644 --- a/doc/agama-security.md +++ b/doc/agama-security.md @@ -18,6 +18,8 @@ The token carries just one claim - the expiration date. Token's lifetime is curr If both components run locally, communication can be done over HTTP even HTTPS. However, in case when both run on different machines the HTTPS is mandatory. In such case all HTTP requests are automatically redirected to HTTPS. A HTTP response with code 308 (permanent redirect) is returned in such case. +For notifications on changes from backend Agama uses WebSocket technology. Typically backend notificates about installation progress or network configuration changes this way. + ### Https certificates SSL communication is secured either by self-signed certificate which is automatically generated by Agama if no certificate was provided by user. If Agama should use particular custom certificate Agama's web server provides options --cert and --key for path to certificate respectively to private key (in PEM format).