8.9.7. SSL Settings Configuration

8.9.7.1. Introduction

This part allows you to configure the GCenter SSL (Secure Socket Layer) certificate.
The certificate generated certifies the identity of the GCenter and encrypts the data exchanged.
It is also possible from this page to configure mutual authentication (mTLS).

Note

The GUI is described in `SSL settings` section.

8.9.7.2. Prerequisites

  • User : member of Administrator group

8.9.7.3. Preliminary operations

8.9.7.4. Procedure to access the `SSL settings` screen of the legacy web UI

  • In the navigation bar, click successively on:

  • The `Admin` button

  • The `Gcenter` sub menu

  • The `Configuration` command
    The `Configuration` window is displayed.
../../_images/CONFIGUR-01.PNG
  • Click on the button (5) `SSL settings`.
    The screen consists of the zones:

  • Zone `Security details`

  • Zone `Custom Certificate`

  • Zone `Dual authentication`

8.9.7.5. Procedure to display the `Security details` zone parameters

The `Security details` area provides information about the certificate in use.

../../_images/CONFIGUR-06-1.PNG

  • View the following information:

Item

Name

Function

1

Field `In use certificate details`

Displays certificate information such as issue and expiry date, issuer of this certificate, etc.

2

Field `CA certificate informations`

Displays the Certification Authority information to identify the identity of correspondents in the `Dual Authentication`

3

Field `CRL informations`

Lists credentials that have been revoked or invalidated and are no longer trustworthy.

8.9.7.6. Procedure to enter the `Custom Certificate` zone parameters

The `Custom Certificate` field allows you to use a specific certificate.
To do this, simply specify the private key in the field `GCenter Key` and the certificate in PEM format in the field `GCENTER certificate`, and also activate this certificate by activating the selector `Enable Custom Certificate`.
../../_images/CONFIGUR-06-2.PNG

  • Use the `Enable Custom Certificate` selector (1) to activate a custom certificate.

  • Select the field (2) `GCenter Key` to select the GCenter key file.

  • Select the field (3) `GCENTER certificate` to select the GCenter certificate file.

  • If necessary, use button (4) `Reset` to reset the configuration.

  • Press the `Update` button (5) to save current settings and update the GCenter.

8.9.7.7. Procedure to enter the `Dual authentication` zone parameters

The `Dual Authentication` field allows you to enable mutual authentication (mTLS).
This allows the user to ensure the identity of the server but also the server to ensure the identity of the user.
../../_images/CONFIGUR-06-3.PNG

  • Use the `Enable Dual Authentication` selector (1) to enable mutual authentication.

  • Select the `Authentication mode` field (2) between the 2 choices:

  • Choice `Forced`: makes mandatory the use of a certificate issued by the certification authority

  • Choice `Optional`: checks only the presence of a certificate

  • Select the field (3) `Client CA Authenticator` to select the certificate file issued by the CA Authenticator (PEM format).

  • Select the field (4) `Client CRL Validator` to select the file from the list of revoked certificates.

  • If necessary, use the button (5) `Reset` to reset the configuration.

  • Press the `Update` button (6) to save current settings and update the GCenter.