The CA PAM client is not much different than the common browser interface. Since most common web browsers no longer support the us of Java Applets the CA PAM client became a more common way to use the product. The PAM Client is created using a customized Chromium Browser with local Java components to allow local access. Due to the updates required to maintain compatibility an update process is used to ensure the common components installed locally match the version from the PAM server it is connected to.
Release : 3.3
Component : PRIVILEGED ACCESS MANAGEMENT
The general process of the way the CA PAM Client is installed an updated is as follows.
When first connecting to the CA PAM server through a standard web browser at https://<IP or DNS Name of the CA PAM server>/ the initial login screen will appear. A link is provided to download the proper client based on the operating system detected through the browser.
When the download button is clicked it with generate the download from the defined download location which by default is an external cloud location https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/<OS>/<Client Install> . All binaries are retrieved from an AWS Service called Cloudfront over HTTPS.
After The client is installed and launched and the connection to the CA PAM server has started the client version will either upgrade or downgrade to match the specific server build connected. This download will update the base client version by downloading from the specific appliance it is connected to.
The links below can provide greater details on the process.
Configure How the Client is Made Available
Use a Private Delivery Network to Distribute the Client Installer
See (Optional) Disable PAM Client Update Checking