Setting Up an Application TrustSetting Up an Application Trust

The RSA Authentication Manager API provides you with the means to create custom applications that can extend Authentication Manager to fit your particular needs. To use your custom application, you must create a connection to Authentication Manager using two-way SSL with application trust. This enables custom applications to perform administrative tasks securely on Authentication Manager under the chosen administrator's identity.

You perform the following tasks to configure two-way SSL with application trust.

Procedure

1. Create a new administrative role with the permissions required for the custom application. For instructions, see “Create an Application Trust Administrative Role” in “Configuring Two-Way SSL with Application Trust” in the Developer’s Guide.

2. Create a new user in a security domain that is not in the scope defined for the administrative role. For instructions, see “Add a New User for Application Trust” in “Configuring Two-Way SSL with Application Trust” in the Developer’s Guide.

3. Assign the new administrative role to the new user. For instructions, see “Assign an Administrative Role for Application Trust” in “Configuring Two-Way SSL with Application Trust” in the Developer’s Guide.

4. Generate keys and a certificate signing request for a certificate designated for client authentication using a certificate management utility of your choice. For instructions, see “Create the Application Trust” in “Configuring Two-Way SSL with Application Trust” in the Developer’s Guide.

5. In the Operations Console, upload the certificate signing request. For instructions, see Add a New Application Trust Certificate.

6. In the Operations Console, download the signed application trust certificate and the root CA certificate. For instructions, see Download an Application Trust Certificate.

7. Using the certificate management utility of your choice, import the root CA certificate first and then the signed certificate into the keystore specified in the creation of the certificate signing request. For instructions, see “Create the Application Trust” in “Configuring Two-Way SSL with Application Trust” in the Developer’s Guide.