Server TLS/SSL Certificate for Secure Communication
  • 18 Nov 2024


Digipass Authentication for Remote Desktop Web Access uses the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols to connect to the authentication server. This requires the authentication server to identify itself with a valid TLS/SSL certificate. Digipass Authentication for Remote Desktop Web Access handles server TLS/SSL certificates in one of two ways, depending on the connection settings specified in the Digipass Authentication for Remote Desktop Web Access Configuration Center:

  • If Verify server SSL certificate is selected, Digipass Authentication for Remote Desktop Web Access will check whether the certificate is installed in the Trusted Root Certification Authorities certificate store. A connection to the authentication server will be established only if the server certificate is trusted, i.e. if the server certificate is installed in the certificate store.

  • If Verify server SSL certificate is not selected, any TLS/SSL server certificate will be accepted, regardless of whether it is installed in the Trusted Root Certification Authorities certificate store.

Because accepting any SSL certificate from the server constitutes a major security risk, always select Verify server SSL certificate when in production mode.

You should disable this check only for evaluation or testing purposes, if required.

The steps to ensure the server TLS/SSL certificate is trusted depend on the type of server certificate used:

  • If you intend to use the self-signed certificate created during OneSpan Authentication Server installation, you must import the ikey_soap_serverca.pem certificate file to client computers either locally with certmgr.msc, or, for larger installations, by deployment via Group Policy.

    For more information, refer to the Windows Server Group Policy documentation on Microsoft TechNet (technet.microsoft.com).

  • If you want to use your own enterprise TLS/SSL certificate trusted by your enterprise certification authority (CA), you need to configure certificate trust accordingly for the respective domain(s).

  • If you intend to use a public trusted certificate, no further steps are required to establish certificate trust. The certificate will be trusted automatically.
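
For the self-signed case above, the local import can also be scripted. The following PowerShell is an added example, not part of the OneSpan documentation: it checks the certificate before trusting it, adds it to the Trusted Root Certification Authorities store, and confirms the result. The file path and the expected thumbprint are placeholders that you must replace.

```powershell
# Added example: run in an elevated PowerShell session on the client computer.
# Placeholders (assumptions, not from the product documentation):
$pemPath            = 'C:\Temp\ikey_soap_serverca.pem'          # where the file was copied
$expectedThumbprint = '<SHA-1 thumbprint confirmed out of band>'

# Load the certificate and show what is about to be trusted.
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($pemPath)
$cert | Format-List Subject, Issuer, NotBefore, NotAfter, Thumbprint

# Refuse to trust a file that is not the expected certificate
# or that is outside its validity period.
if ($cert.Thumbprint -ne ($expectedThumbprint -replace '[^0-9A-Fa-f]', '')) {
    throw "Thumbprint mismatch: file has $($cert.Thumbprint)"
}
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Certificate is not within its validity period"
}

# Add it to the machine-wide Trusted Root Certification Authorities store.
$store = [System.Security.Cryptography.X509Certificates.X509Store]::new('Root', 'LocalMachine')
$store.Open('ReadWrite')
try     { $store.Add($cert) }
finally { $store.Close() }

# Confirm the store now holds it and that Windows builds a trusted chain for it.
$inStore = Test-Path "Cert:\LocalMachine\Root\$($cert.Thumbprint)"
$chain   = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
$chain.ChainPolicy.RevocationMode = 'NoCheck'   # a self-signed certificate has no CRL
$trusted = $chain.Build($cert)
"In Root store: $inStore; chain trusted: $trusted"
```

Both values in the last line should read True before Verify server SSL certificate is relied on for this client.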

