When registering a trusted host, the installation process:
If shared secret rollover is enabled when registering a trusted host, the shared secrets for trusted hosts can be rolled over either manually or periodically from the AdminUI.
During a manual or periodic shared secret rollover, shared secrets are only rolled over for Agents that were configured at installation to allow rollovers (1).
What is the meaning of the "sharedsecrettime" parameter in the SmHost.conf file?
Applies to supported Policy Server and Web Agent version combinations.
The sharedsecrettime parameter in SmHost.conf records when the shared secret was rolled over.
This setting is only meaningful if you enabled shared secret rollover during host registration; it then shows the last time the shared secret changed.
If the value is 0, it means that shared secret rollover was not enabled.
To illustrate, here is an SmHost.conf from a host where shared secret rollover is disabled:
$ cat SmHost.conf
# Host Registration File - /prod/apps/netegrity/secure-proxy/proxy-engine/conf/defaultagent/SmHost.conf
#
# This file contains bootstrap information required by
# the SiteMinder Agent API to connect to Policy Servers
# at startup. Be sure the IP addresses and ports below
# identify valid listening Policy Servers. Please do not
# hand edit the encrypted SharedSecret entry.
#
hostname="www.example.com"
sharedsecret="{RC2}+R1CJBLvkCO0mteQ8Dk+4AHql2w+t0................OhkthNtLJYZhlWJJ"
sharedsecrettime="0"
hostconfigobject="XYZHost"
# Add additional bootstrap policy servers here for fault tolerance.
policyserver="xyz1.com,44441,44442,44443"
policyserver="xyz2.com,44441,44442,44443"
policyserver="xyz3.com,44441,44442,44443"
policyserver="xyz4.com,44441,44442,44443"
requesttimeout="60"
cryptoprovider="BSAFE"
Enabledynamichco="yes"
# <EOF>
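An added audit helper (not part of the original article or of the SiteMinder product) that parses SmHost.conf files like the one above and reports whether rollover is enabled and, if so, how long ago the shared secret last changed. It assumes, as the article does not state the format, that a non-zero sharedsecrettime is Unix epoch seconds; the sample files and the 90-day threshold are constructed for the example.

```python
"""Audit SmHost.conf bootstrap files for shared secret rollover status.

Assumption (not stated on the page): when rollover is enabled, sharedsecrettime
holds the time of the last rollover as Unix epoch seconds.
"""
import re

# Constructed sample: rollover disabled (sharedsecrettime="0"), as in the article's listing.
DISABLED_CONF = '''# Host Registration File (constructed sample)
hostname="www.example.com"
sharedsecret="{RC2}CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-SECRET"
sharedsecrettime="0"
hostconfigobject="XYZHost"
# Repeated key: several bootstrap Policy Servers for fault tolerance.
policyserver="xyz1.com,44441,44442,44443"
policyserver="xyz2.com,44441,44442,44443"
requesttimeout="60"
Enabledynamichco="yes"
'''

# Constructed sample: rollover enabled; last rollover at epoch 1700000000 (assumed format).
ENABLED_CONF = DISABLED_CONF.replace('sharedsecrettime="0"', 'sharedsecrettime="1700000000"')

_KV = re.compile(r'^\s*([A-Za-z]+)\s*=\s*"([^"]*)"\s*$')


def parse_smhost(text):
    """Return {key: [values]}. Keys are lower-cased (the file mixes Enabledynamichco
    and lower-case names) and repeated keys such as policyserver keep every value."""
    conf = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith('#'):
            continue  # skip blank lines and comments
        m = _KV.match(line)
        if m:
            conf.setdefault(m.group(1).lower(), []).append(m.group(2))
    return conf


def rollover_status(text, now_epoch, max_age_days=90):
    """Classify a host: rollover disabled (value 0), or enabled with the age of the
    last rollover in days and a 'stale' flag when it exceeds max_age_days."""
    conf = parse_smhost(text)
    raw = conf.get('sharedsecrettime', ['0'])[0]
    if raw == '0':
        return {'host': conf.get('hostname', [''])[0], 'rollover_enabled': False,
                'age_days': None, 'stale': False}
    age_days = (now_epoch - int(raw)) // 86400
    return {'host': conf.get('hostname', [''])[0], 'rollover_enabled': True,
            'age_days': age_days, 'stale': age_days > max_age_days}
```

Running rollover_status over every SmHost.conf on a server gives a quick inventory of hosts whose secrets never rotate or have not rotated recently.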
(1)
Shared Secret for a Trusted Host
Shared secret rollover occurs automatically only on servers that are
configured to enable agent key generation. You enable agent key
generation by selecting the Enable Agent Key Generation check box in
the Keys tab of the Policy Server Management Console. This setting is
enabled by default.