Sec/User Mgmt: Overview

Document created by RSA Information Design and Development Employee on Jul 28, 2016Last modified by RSA Information Design and Development Employee on Apr 26, 2017
Version 2Show Document
  • View in full screen mode

This topic provides an overview of PKI authentication and how it is used to access Security Analytics User Interface (UI).

In or later, PKI authentication can be used to access the Security Analytics UI. PKI allows users to authenticate and access the Security Analytics UI using digital certificates.

Certificates are issued by a Third-Party Certificate Authority (CA) (external to Security Analytics server). The following categories of certificates are required for PKI authentication:

  • Security Analytics server certificate (private key and its chain)
  • Trusted CA certificates
  • User certificate (issued by CA)

Security Analytics Server Certificate

This certificate is used by Security Analytics server to present its identity. This certificate is issued by a trusted CA. When a user accesses the Security Analytics UI using HTTPS, this certificate is presented to the user in the web browser.

Trusted CA Certificates

These are collection of CA certificates. Security Analytics server uses these certificates as the trusted authorities to validate the certificate provided by the user. If the user does not have a certificate signed by one of these CA(s), the user is not allowed to access the Security Analytics UI. 

User Certificate

This certificate is used by the Security Analytics user to present the user's identity. This certificate is issued by a CA that is trusted by the users. The user certificates, by default, are identified by most browsers. In case the certificates are not identified, the user must import the certificates into browser certificates store.

Security Analytics PKI Authentication Workflow

The following figure shows how the user can access Security Analytics using PKI authentication.

The following points explain the workflow of the above figure.

  1. User tries to access the Security Analytics UI using the web browser. For example, https://sa-host/login
  2. The user is prompted to select the user certificate.

Note: The certificate prompt may appear differently depending on the browser.

  1. User selects the certificate. The browser sends the selected certificate to the Security Analytics server for authentication.
  2. If the authentication is successful, the Security Analytics server authorizes the user based on the user groups configured on the Active Directory Server(s). 
  3. If the user authentication and authorization are successful, the Security Analytics dashboard is displayed.

Note: If the certificate validation fails, the user cannot access the Security Analytics Dashboard.

You are here
Table of Contents > Set Up Public Key Infrastructure (PKI) Authentication > Overview