Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

13.2 Activating the PKA Authentication Method and Defining the Set of Authorized Certification Authorities

13.2.1 Activating the PKA Authentication Method

1.
In Quest ESSO Console File menu, click Configuration, and in the displayed window select the Public Key Authentication tab.
The Public Key Authentication tab only appears upon a successful extension of the Quest ESSO directory and a successful creation of the default objects. For more information, see Quest ESSO Installation Guide.
2.
Select the first check box: Users can authenticate using a public key Certificate. Any valid certificate (…) to authenticate users.
3.
Select the second check box: Users can enroll their public key Certificate. Any valid certificate (…) may be enrolled.
4.
If you do not want that users provide their password at enrollment if the certificate is valid, select the Upon enrolment of a new certificate, reinitialize the user's password if the current password cannot be recovered.
If the Primary password is stored as an SSO account, encrypt by option is set in the user security profile, the option is used: see Section 5.3.2.1, "Authentication Tab" for details.

13.2.2 Configuring the Set of Authorized Certification Authorities

Only public key certificates issued by explicitly identified certification authorities can be used for Quest ESSO PKA. It is therefore necessary to configure the set of authorized certification authorities.

13.2.2.1 Importing Certification Authorities from PEM or DER Encoded Files

1.
In the Certification Authorities area, click the Import button, and use the displayed window to select a CA certificate from a DER-encoded (*.cer or *.crt) or a PEM encoded (*.pem) file.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating