Login
    Contenu x
    Using server certificates
    • 03 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Using server certificates

    • Mis à jour le 03 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Server certificates are typically used to secure connections to a server or a component using SSL.

    OneSpan Authentication Server Appliance uses server certificates to secure the following components:

    • SEAL communicator
    • SOAP communicator
    • RADIUS communicator
    • Live audit
    • OneSpan Authentication Server Appliance Configuration Tool
    • Remote support
    • Secure auditing

    Whenever you need to specify a server certificate for these components, you select the respective certificate from a list containing all valid server certificates that were created or uploaded using the Certificate Management tab. Whether a certificate is valid and applicable for a particular component depends on the component (see Table: Certificate restrictions).

    Table:  Certificate restrictions
    ComponentCertificate restrictions
    SEAL communicator
    • Not expired
    • RSA
    SOAP communicator
    • Not expired
    • RSA
    RADIUS communicator
    • Not expired
    • RSA
    Live audit
    • Not expired
    • RSA
    OneSpan Authentication Server Appliance Configuration Tool
    • Not expired
    • RSA, DSA, or elliptic curve
    Remote support
    • Not expired
    • Signed by OneSpan
    Secure auditing
    • Not expired
    • Elliptic curve prime256v1

    By default, some server certificates are created by the built-in CA during installation:

    • Certificate for SEAL, SOAP, and RADIUS. This server certificate is used by all components using the SEAL, SOAP, and RADIUS protocols. That are, by default, the SEAL communicator, the SOAP communicator, the RADIUS communicator, and live audit.
    • Configtool SSL certificate. This server certificate is used by the OneSpan Authentication Server Appliance Configuration Tool. A new default certificate is automatically created whenever you change the host name. If you upload and select a custom certificate, that custom certificate remains and no new certificate is created, even if the host name is changed.

    The following procedure describes exemplarily how to change the server certificate for the communicator components.

    To select a server certificate for a communicator component

    1. In the OneSpan Authentication Server Appliance Configuration Tool, select Authentication Server > SEAL Communicator, Authentication Server > SOAP Communicator, or Authentication Server > RADIUS Communicator, depending on what the certificate is being used for.

    2. If you are using RADIUS, set the security level (Very High, High, Medium, or Low).

      For more information about the SSL cipher suite security levels, refer to the OneSpan Authentication Server Appliance Administrator Reference.

    3. Select a certificate from the Server Certificate list.

      The Server Certificate list contains all valid certificates you have previously created/imported using the Certificate Management tab (see  Managing certificates).

      Server certificate configuration (SEAL)

      Figure:  Server certificate configuration (SEAL)

    4. Click Save to finish.
    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle