8.9.7. SSL Settings Configuration
8.9.7.1. Introduction
Note
8.9.7.2. Prerequisites
User : member of Administrator group
8.9.7.3. Preliminary operations
Login to GCenter via a browser (see Connecting to the GCenter web interface via a web browser). with the prerequisite rights.
8.9.7.4. Procedure to access the `SSL settings`
screen of the legacy web UI
In the navigation bar, click successively on:
- Click on the button (5)
`SSL settings`
.The screen consists of the zones:
Zone
`Security details`
Zone
`Custom Certificate`
Zone
`Dual authentication`
8.9.7.5. Procedure to display the `Security details`
zone parameters
The `Security details`
area provides information about the certificate in use.
View the following information:
Item |
Name |
Function |
---|---|---|
1 |
Field |
Displays certificate information such as issue and expiry date, issuer of this certificate, etc. |
2 |
Field |
Displays the Certification Authority information to identify the identity of correspondents in the |
3 |
Field |
Lists credentials that have been revoked or invalidated and are no longer trustworthy. |
8.9.7.6. Procedure to enter the `Custom Certificate`
zone parameters
`Custom Certificate`
field allows you to use a specific certificate.`GCenter Key`
and the certificate in PEM format in the field `GCENTER certificate`
, and also activate this certificate by activating the selector `Enable Custom Certificate`
.Use the
`Enable Custom Certificate`
selector (1) to activate a custom certificate.Select the field (2)
`GCenter Key`
to select the GCenter key file.Select the field (3)
`GCENTER certificate`
to select the GCenter certificate file.If necessary, use button (4)
`Reset`
to reset the configuration.Press the
`Update`
button (5) to save current settings and update the GCenter.
8.9.7.7. Procedure to enter the `Dual authentication`
zone parameters
`Dual Authentication`
field allows you to enable mutual authentication (mTLS).Use the
`Enable Dual Authentication`
selector (1) to enable mutual authentication.Select the
`Authentication mode`
field (2) between the 2 choices:
Choice
`Forced`
: makes mandatory the use of a certificate issued by the certification authorityChoice
`Optional`
: checks only the presence of a certificate
Select the field (3)
`Client CA Authenticator`
to select the certificate file issued by the CA Authenticator (PEM format).Select the field (4)
`Client CRL Validator`
to select the file from the list of revoked certificates.If necessary, use the button (5)
`Reset`
to reset the configuration.Press the
`Update`
button (6) to save current settings and update the GCenter.