Chapter 1: Product Overview
27
To use DSView 3 software client certificates for authentication, a DSView 3 software administrator
must first enable certificate authentication; see
Client session information
on page 56. Once this is
enabled, the DSView 3 software server will prompt the client web browser to send its
user certificates.
The DSView 3 software client certificate must first be loaded into the client web browser and be
associated with a user account. There are two ways to do this:
•
The certificate location can be specified in a user account - see
User certificates
on page 185
•
The DSView 3 software administrator may enable user-settable certificates, then the user may
specify the certificate location - see
Specifying a user certificate
on page 19
If the system certificate policy (see below) is enabled for user certificates, the certificate used at
login must meet the policy requirements.
Managed appliance certificates
Certificates are also used for authenticating and authorizing managed appliance sessions when a
managed appliance is added in secure mode. See
Adding Units
on page 95.
System certificate policy and trust store
DSView 3 software administrators may configure the certificate policy by enabling/disabling
settings. The trust store contains a list of all trusted certificate authorities known to the DSView 3
software. You may add, remove or modify the location of trust store entries.
To configure certificate policy settings:
1.
Click the
System
tab.
2.
Click
Global Properties
in the top navigation bar.
3.
Click
X.509 Certificates
in the side navigation bar. The System Certificate Policy window
will open.
4.
Enable/disable checkboxes or select values as indicated for each setting. Table 1.10 lists and
describes the settings.
Table 1.10: System Certificate Policy
Feature
Value when enabled
Chain Building
Authority Info Access (AIA)
Permits the DSView 3 software to use the AIA certificate extension to
locate a certificate’s issuer.
Max chain length
Maximum allowable number of certificates (inclusive) between the leaf
certificate and a trusted certificate. Valid range is 1-16.
Chain Validation
Partial chains
Allows partial chains. (If disabled, partial chains will be considered
invalid, even if the chain contains a trusted certificate.)
Summary of Contents for DSView 3
Page 1: ...Installer User Guide DSView 3...
Page 2: ......
Page 4: ......
Page 16: ...xiv DSView 3 Software Installer User Guide...
Page 54: ...36 DSView 3 Software Installer User Guide...
Page 66: ...48 DSView 3 Software Installer User Guide...
Page 196: ...178 DSView 3 Software Installer User Guide...
Page 266: ...248 DSView 3 Software Installer User Guide...
Page 282: ...264 DSView 3 Software Installer User Guide...
Page 320: ...302 DSView 3 Software Installer User Guide...
Page 326: ...308 DSView 3 Software Installer User Guide...
Page 372: ...354 DSView 3 Software Installer User Guide...
Page 383: ......