This article describes what a jump server object is used for.
A jump server is an intermediary server through which external agents, such as Venafi Encryption Director, can access a device behind a firewall. If a jump server is required to access a device behind a firewall, the Jump Server object provides the information Venafi Encryption Director needs to communicate with the target device(s) via the jump server. A jump server may use either a username and password or a private key for authentication. The target device and application can't use a private key for authentication.
Venafi Encryption Director can both install and extract certificates and private keys through the jump server. Many system operations, including on-board validation, take place via the jump server. Venafi Encryption Director never accesses the jump server's associated application(s) directly. Jump servers are not supported by all applications; check the application-specific Venafi documentation. The jump server connection goes over SSH.
When Venafi Encryption Director provisions certificates to servers that require a jump server connection, it securely copies the certificate and private key to the jump server. When the files are no longer needed, Venafi Encryption Director removes the files from the jump server.
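The removal step described above can be checked independently on the jump server. The following is an added example, not Venafi code and not part of the original article: a Python audit that reports private key files that have outlived a retention limit or are accessible beyond their owner. The staging directory, the 900-second limit, and the function names are assumptions.

```python
import os
import re
import stat
import time

# PEM headers for PKCS#8, encrypted PKCS#8, RSA, EC and OpenSSH private keys.
KEY_HEADER = re.compile(rb"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----")


def audit_staging_dir(root, max_age_seconds=900, now=None):
    """Return sorted (relative path, reasons) for private keys that look left behind."""
    # Assumption: root and max_age_seconds are site choices; the page names neither.
    now = time.time() if now is None else now
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode):
                    continue  # ignore symlinks, sockets and devices
                with open(path, "rb") as fh:
                    head = fh.read(65536)
            except OSError:
                continue  # removed mid-scan or unreadable by the auditor
            if not KEY_HEADER.search(head):
                continue  # certificates and other files are not reported
            reasons = []
            if now - st.st_mtime > max_age_seconds:
                reasons.append("stale")
            if st.st_mode & 0o077:
                reasons.append("group/other access")
            if reasons:
                findings.append((os.path.relpath(path, root), reasons))
    return sorted(findings)


def build_sample(root, now):
    """Constructed sample files; key bodies are placeholders, not real keys."""
    key = b"-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n"
    cert = key.replace(b"PRIVATE KEY", b"CERTIFICATE")
    for name, data, mode, age in [("fresh.key", key, 0o600, 60), ("old.key", key, 0o600, 7200),
                                  ("open.key", key, 0o644, 60), ("old.crt", cert, 0o644, 7200)]:
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
        os.utime(path, (now - age, now - age))
```

Run on a schedule against the directory where transferred files land, any non-empty result is worth an alert, since a key that persists on an intermediary host is exposed to every account that can read it.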
Jump Servers are created and managed in the Policy tree. In the Policy tree hierarchy, Jump Server objects are created under Policy objects. Device objects can be created under Jump Server objects.