Server SSL Certificate for Secure Communication
  • 21 Nov 2024


Digipass Authentication for Windows Logon connects to the authentication server using the Secure Sockets Layer (SSL) protocol, which requires the identification of the authentication server with a valid SSL certificate. Digipass Authentication for Windows Logon can handle server SSL certificates in two ways, depending on the connection settings specified in the Digipass Authentication for Windows Logon Configuration Center:

  • If Verify server SSL certificate is selected, Digipass Authentication for Windows Logon will check whether the certificate is installed in the Trusted Root Certification Authorities certificate store. A connection to the authentication server will be established only if the server certificate is trusted, i.e. if the server certificate is installed in the certificate store.
  • Without this check, i.e. if Verify server SSL certificate is not selected, any SSL server certificate will be accepted, regardless of whether it is installed in the Trusted Root Certification Authorities certificate store.

Because accepting any SSL certificate from the server constitutes a major security risk, always select Verify server SSL certificate when in production mode.

You should disable this check only for evaluation or testing purposes, if required.

The steps to ensure the server SSL certificate is trusted depend on the server certificate type you are using:

  • If you intend to use the self-signed certificate created during OneSpan Authentication Server installation, you must import the ikey_soap_serverca.pem certificate file to client computers, either locally with certmgr.msc or, for larger installations, via Group Policy.

    For instructions to import this certificate file, refer to the Digipass Authentication for Windows Logon Installation Guide.

  • If you want to use your own enterprise SSL certificate trusted by your enterprise certification authority (CA), you need to configure certificate trust accordingly for the respective domain(s).
  • If you intend to use a public trusted certificate, no further steps are required to establish certificate trust. The certificate will be trusted automatically.
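
Before selecting Verify server SSL certificate on a client, you can confirm that the trust described above is actually in place. The following PowerShell check is an added example, not part of the OneSpan documentation or product; the file path, server name and port are placeholders to replace with your own values.

```powershell
# Added example; the path, host name and port below are placeholders.
$CaFile     = 'C:\Temp\ikey_soap_serverca.pem'   # assumed location of the copied file
$ServerName = 'authserver.example.test'          # placeholder authentication server
$Port       = 8888                               # placeholder; use your server's SSL port

# 1. Is the certificate from the file present in the machine's Trusted Root store?
$ca = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $CaFile
$inStore = Get-ChildItem Cert:\LocalMachine\Root |
    Where-Object { $_.Thumbprint -eq $ca.Thumbprint }
if ($inStore) {
    "OK: $($ca.Subject) [$($ca.Thumbprint)] is in LocalMachine\Root"
} else {
    "MISSING: $($ca.Subject) is not in LocalMachine\Root; import it before enabling verification"
}
if ($ca.NotAfter -lt (Get-Date)) { "WARNING: certificate expired on $($ca.NotAfter)" }

# 2. Does a TLS handshake with the server pass the Windows default validation?
#    No validation callback is supplied, so an untrusted chain or a name
#    mismatch makes AuthenticateAsClient throw instead of connecting.
$tcp = $null
try {
    $tcp = New-Object System.Net.Sockets.TcpClient($ServerName, $Port)
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false)
    $ssl.AuthenticateAsClient($ServerName)
    $srv = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $ssl.RemoteCertificate
    "TRUSTED: server presented $($srv.Subject), issued by $($srv.Issuer)"
    $ssl.Dispose()
} catch {
    "NOT TRUSTED or unreachable: $($_.Exception.GetBaseException().Message)"
} finally {
    if ($tcp) { $tcp.Close() }
}
```

The handshake in step 2 uses the Windows default validation, which also checks the host name against the certificate; the text above only describes the Trusted Root store check, so treat a name mismatch reported here as a separate finding.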
