Configure Client Certificate Authentication
This applies to: Visual Data Discovery
Symphony supports X.509 client certificate authentication. However, note that auto-provisioning of user accounts is not available for client certificate authentication.
To use the X.509 authorization you need to:
Enable the X.509 option in the Security Services section
Configure the required properties in the
zoomdata.properties
file
Caveat
Symphony does not support auto-provisioning of user accounts for client certificate authentication.
Configuration Steps
For guidance on accessing and editing a Symphony property file, refer to the topic Configure Symphony.
Add the following settings to your zoomdata.properties
file:
For each user, create an user account in Symphony with the username set to the 'CN' in the user's certificate.
Troubleshooting
Challenges you may run into:
-
User is never prompted to select a certificate:
Make sure you have added at least one CA to the trust-store file.
Verify
server.ssl.client-auth
is set towant
.
-
Selecting login brings me back to the login page:
Make sure the username matches the CN of the certificate being used.
Make sure the client certificate is signed by a CA in the trust-store.
For further troubleshooting assistance, contact Technical Support.
Comments
0 comments
Please sign in to leave a comment.