To prevent tampering with the Java Agent truststore, you should:

• Secure the truststore file through filesystem permissions:
  • Make the agent truststore readable by any user.
  • Make the truststore owned by a privileged user.
  • Make the truststore writable only by the specified privileged user.

• Secure the agent configuration files so that they are only readable by the agent runtime user and only writable by a privileged user:
  • Versioned configuration file: <agent_home>/<version_number>/conf/controller-info.xml.
  • Global configuration file: <agent_home>/conf/controller-info.xml.