This topic describes the procedure to enable Public Key Infrastructure (PKI) authentication on Security Analytics.
To enable PKI, make sure that:
- At least one Active Directory (AD) is configured and enabled on Security Analytics. This AD must be reachable and the roles must be mapped.
Note: PAM is not supported for PKI authentication.
- One Server Certificate is configured and set as 'Use as Server Certificate'.
- One Trusted CA certificate is configured.
Enable PKI Authentication
To enable PKI authentication:
- In the Security Analytics menu, select Administration > Security.
The Security view is displayed with the Users tab open.
- Click the Settings tab.
- In the Enable PKI section, select the Enable PKI checkbox.
- Click Apply.
The Pre-Requisite Checks dialog is displayed.
- Click Enable PKI.
Note: Click Enable PKI only if all the prerequisites are met.
- Refresh the puppet agent on the Security Analytics host using the following command:
puppet agent -t
Note: After the puppet refresh, the default Administrator account is disabled and you are authenticated only by using the certificate.
After you enable PKI:
- Make sure you do not delete the AD configuration and external group mapping that corresponds to the user certificate's domain.
- To log out from a PKI-based session, you must close the browser used to access Security Analytics.
- If the audit log is enabled, user login and activity are logged using the user DN.
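
Because the default Administrator account is disabled once PKI is enabled, it is worth confirming beforehand that a user certificate chains to the CA configured as Trusted CA and is not about to expire. The following is an added example, not part of the product documentation: the function names, file names and the sample CA and user certificates are constructed for the demonstration, and it assumes a current OpenSSL command-line tool is installed.

```shell
#!/bin/sh
# check_user_cert CA_FILE USER_CERT
# Prints the certificate's subject DN and returns 0 when USER_CERT chains to
# CA_FILE and stays valid for at least 24 more hours; non-zero otherwise.
check_user_cert() {
    ca_file=$1
    user_cert=$2
    # Chain validation against the CA that is configured as Trusted CA.
    openssl verify -CAfile "$ca_file" "$user_cert" >/dev/null 2>&1 || {
        echo "FAIL: $user_cert does not chain to $ca_file" >&2
        return 1
    }
    # -checkend N exits non-zero if the certificate expires within N seconds.
    openssl x509 -in "$user_cert" -noout -checkend 86400 >/dev/null || {
        echo "FAIL: $user_cert expires within 24 hours" >&2
        return 2
    }
    # Subject DN in RFC 2253 order, with the "subject=" label stripped.
    openssl x509 -in "$user_cert" -noout -subject -nameopt RFC2253 |
        sed 's/^subject= *//'
}

# Constructed sample data (all names are made up): a throwaway CA, a user
# certificate signed by it, and an unrelated self-signed certificate.
make_demo_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
        -subj "/DC=com/DC=example/CN=Demo CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes \
        -subj "/DC=com/DC=example/OU=SOC/CN=alice" \
        -keyout "$d/alice.key" -out "$d/alice.csr" 2>/dev/null
    openssl x509 -req -in "$d/alice.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 2 -out "$d/alice.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=mallory" \
        -keyout "$d/other.key" -out "$d/other.pem" 2>/dev/null
}

# Demonstration on the constructed data.
demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
check_user_cert "$demo_dir/ca.pem" "$demo_dir/alice.pem"  # prints CN=alice,OU=SOC,DC=example,DC=com
check_user_cert "$demo_dir/ca.pem" "$demo_dir/other.pem" || echo "rejected"
rm -rf "$demo_dir"
```

The domain components of the printed DN show which AD configuration and group mapping the certificate depends on.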