Sec/User Mgmt: PKI Settings Tab

Document created by RSA Information Design and Development on Sep 19, 2017. Last modified by RSA Information Design and Development on Oct 2, 2017.
Version 3
 

This topic explains the Public Key Infrastructure (PKI) Settings tab, which enables you to configure PKI authentication for NetWitness Suite. In the PKI Settings tab, you can perform the following tasks:

  • Import server certificate and trusted CA certificate
  • Import Certificate Revocation List (CRL)
  • Configure CRL settings
  • Configure user principal settings
  • Enable PKI

To access the PKI Settings tab:

  1. In NetWitness Suite, go to ADMIN > Security.
    The Security view is displayed with the Users tab open.
  2. Click the PKI Settings tab.

Server Certificates

The Server Certificates section enables you to import a server certificate with its private key to NetWitness Server. The following figure shows the Server Certificates section of the PKI Settings.

Figure: Server Certificates

Feature | Description
Alias | A user-friendly name which is used to identify a certificate in a store.
Subject DN | The entity to which the certificate is issued.
Issuer DN | The entity which issued the certificate.
CA | Indicates whether the certificate is a Certificate Authority (CA) certificate.
Valid From | The start date for the certificate validity.
Valid Till | The end date till when a certificate is valid.
Use as Server Certificate | Uses a server certificate as the default server certificate.
Reset to Default | Restores the default server certificate.

Trusted CAs

The Trusted CAs section enables you to import a Certificate Authority (CA) certificate to NetWitness Server. The following figure shows the Trusted CAs section of the PKI Settings.

Figure: Trusted CAs

Feature | Description
Alias | A user-friendly name which is used to identify a certificate in a store.
Subject DN | The entity to which the certificate is issued.
Issuer DN | The entity which issued the certificate.
CA | Indicates whether the certificate is a Certificate Authority (CA) certificate.
Valid From | The start date for the certificate validity.
Valid Till | The end date till when a certificate is valid.

CRLs

The CRLs section allows you to import a Certificate Revocation List (CRL) to the NetWitness (NW) server. The following figure shows the CRLs section of the PKI Settings.

Figure: CRLs

Feature | Description
Issuer DN | The entity which issued the certificate.
Type | The CRL type, which can be an HTTP server, LDAP resource, LOCAL CRL, or OCSP Responder.
ID | A unique ID assigned to the CRL, which is useful for identifying a CRL in alerts and messages.
Count | The total number of unique revoked certificates in the CRL.
Expiration | Status of the CRL. The values can be Expired, Soon expiring, and Valid.
  • Expired - The CRL or OCSP Responder certificate is expired.
  • Soon expiring - The CRL or OCSP Responder certificate will expire in less than 24 hours.
  • Valid - The CRL or OCSP Responder certificate is valid for at least 24 hours.
Next Update on | The date on which the CRL will be updated.
Update Cache | Manually updates all the CRLs from the source location.

CRL Settings

The CRL Settings section allows you to configure how CRLs are validated for certificate revocation. The following figure shows the CRL Settings section of the PKI Settings.

Figure: CRL Settings

Feature | Description
Failure Mode | Determines whether a user is allowed to log in if the validation fails.
Revocation check Mode | Validates the user certificate for revocation.
Multi CRL Mode | Determines how to process multiple CRLs of the same issuer.
Test User Certificate | Checks certificate revocation based on the CRL and the settings applied for the CRL.
Save | Click Save to apply the CRL settings.

User Principal Settings

The User Principal Settings section enables you to specify a field in a certificate to uniquely identify the user for PKI authentication. The following figure shows the Notification Settings, User Principal Settings of the PKI Settings.

Figure: User Principal Settings

Feature | Description
Path | The path to a field in a certificate which is used to extract a username or userid.
Regex | A regular expression that is used to extract the final username or userid from the value in a certificate at a given path.
Configure | Allows you to configure the user principal settings to extract a username or userid.
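
A Regex that is too permissive can map values from different certificates to the same username, so it is worth running a candidate expression over representative field values before clicking Configure. The following Python check is an added example, not NetWitness code; it assumes the value at the configured Path has already been read from each certificate, that the whole value must match, and that capture group 1 becomes the username. All sample values and patterns are constructed.

```python
import re
from collections import defaultdict

# Constructed sample values, standing in for what the configured Path yields
# from four different user certificates (not taken from any real deployment).
SAMPLE_VALUES = [
    "alice@corp.example",
    "bob@corp.example",
    "alice@partner.example",
    "svc-backup",
]

LOOSE = r"([^@]+)@.*"                       # accepts any domain
STRICT = r"([a-z0-9._-]+)@corp\.example"    # pins the expected domain


def extract_principal(pattern, field_value):
    """Return the username a regex yields for one field value, or None.

    Assumption: the whole value must match and capture group 1 is the username.
    """
    match = re.fullmatch(pattern, field_value)
    if match is None or match.lastindex is None:
        return None
    return match.group(1) or None


def audit_regex(pattern, field_values):
    """Report values the regex rejects and usernames shared by several values."""
    by_user = defaultdict(set)
    unmatched = []
    for value in field_values:
        user = extract_principal(pattern, value)
        if user is None:
            unmatched.append(value)
        else:
            by_user[user].add(value)
    collisions = {u: sorted(v) for u, v in by_user.items() if len(v) > 1}
    return {"unmatched": unmatched, "collisions": collisions}


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("strict", STRICT)):
        print(name, audit_regex(pattern, SAMPLE_VALUES))
```

A non-empty collisions entry means two distinct certificate values would authenticate as the same user under that expression; unmatched values are certificates that would yield no username at all.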

Enable PKI

The Enable PKI section enables you to enable PKI authentication in NetWitness Suite. The following figure shows the Enable PKI section of the PKI Settings.

Figure: Enable PKI

Feature | Description
Enable PKI | Select the option to enable PKI.
Apply | Enables PKI authentication for NetWitness Suite users.