This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RobertoRabolini
Contributor
Contributor
‎2018-10-19 05:16 AM

dynamic seed provisioning

Hi,

when I use "dynamic seed provisioning" in order to distribuite a software token I obtain a strange string: 
"http://127.0.0.1/securid/ctkip?scheme=https&url="MY Server FQDN":7004/ctkip/services/CtkipService", is it coorrect ? 


Can I use "dynamic seed provisioning" whitout install Web-Tier or is necessary implement it ?

Best regards

Roberto



Supporto Redco
0 Likes
Reply
3 Replies
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
‎2018-10-19 09:30 AM

Roberto Rabolini‌,

I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

 

 

Regards,

Erica

0 Likes
Reply
RobertoRabolin1
New Contributor
New Contributor
In response to _EricaChalfin
‎2018-10-19 10:21 AM

Thank you Erica

 

Da: Erica Chalfin

Inviato: venerdì 19 ottobre 2018 15:30

A: Roberto Rabolini

Oggetto: You have been mentioned by Erica Chalfin in Re: dynamic seed provisioning in RSA Link

 

 

<https://community.rsa.com/?et=notification.mention>

 

 

You have been mentioned

 

by Erica Chalfin<https://community.rsa.com/people/B1fQpWp0Er9BI4ZmqBP9R2k0AFScN6CUsaPcsyfuRCQ=?et=notification.mention> in Re: dynamic seed provisioning in RSA Link - View Erica Chalfin's reference to you<https://community.rsa.com/message/920129?commentID=920129&et=notification.mention#comment-920129>

0 Likes
Reply
EdwardDavis
Employee
Employee
‎2018-10-19 01:42 PM

Dynamic seed provisioning , or CTKIP, does not require a web tier.

 

If the device can access port 7004 on the primary RSA Authentication Manager, then it can CTKIP a token.

 

A web tier (and this is when you would need to configure a Virtual Host) is essentially an RSA Authentication Manager self-service portal that can sit on the DMZ (essentially a proxy server) and allow internet access to do CTKIP without being on your inside network.The web tier then has it's own private connection to your internal RSA Authentication Manager primary on a separate TCP port (7022). 

 

The 127.0.0.1 URL is correct if the device that is doing CTKIP understands the URL format (there have been some changes over time on some URL formats). So, the best thing do do is: refer to the Software Token admin guide for [device type] and see what the URL format should be, and then you can configure a software token profile and create the appropriate CTKIP link for an end user to click. The 127.0.0.1 instructs the device to pass this string to itself where an internal app is listening (which is the RSA software token app) and then the app does it's own real network connection to perform the token download.

 

On this page

https://community.rsa.com/docs/DOC-40601#token 

you can find the documentation for [device] and it will show 'token delivery methods' and any special URL formatting required to do CTKIP with that device.

 

 

CTF (compressed token format) is another option for some devices, where you get a very large 'URL like string'  in which the entire token is encoded, and requires zero network connectivity.

Example: com.rsa.securid://ctf?ctfData=200002073572073562316564702224415011025055165634316176564172163270773376671627232

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.