A Common Access Card (CAC) is a United States Department of Defense (DoD) smart card used by military personnel and other government and non-government personnel who require highly secure access over the Internet. A CAC uses PKI authentication and encryption. Using a CAC requires an external card reader connected on a USB port.
NSM on-prem supports CAC Authentication to authenticate the access to the NSM On-prem system.
In order to use the CAC authentication, you are required to set up the following
Import CA certificate in NSM through System | Settings > User Management > Authentication Servers > Authentication type. For more details, refer Authentication Servers.
Create or Import Digital Authentication Certificate – Create or import a digital certificate from a PKCS#7 (.p7b), PEM (.pem) or DER (.der or .cer) encoded file; or a local end-user certificate with private key from a PKCS#12 (.p12 or .pfx) encoded file. Refer Certificates to create or import digital authentication certificate.
Only one certificate can be used as a CAC authentication certificate.
Enable Digital Certificate Authentication under System | Settings > Administration > Web Management. Refer Administration section for more information.
CAC option is shown only if this is enabled.
Add User - Choose Authentication server as CAC for the user. Navigate to System | User Management > Users > Add User.
User name should match the Certificate common name.