Adding or Editing a Domain with Digital Certificates
To add or edit a domain for digital certificate authentication
Navigate to the Portals > Domains window and click Add Domain or Configure for the domain to edit. The Add Domain or Edit Domain window is displayed.
- If adding the domain, select Digital Certificate from the Authentication Type menu. The Digital Certificate configuration field displays.
- If adding the domain, enter a descriptive name for the authentication domain in the Domain name field. This is the domain name users selects to log in to the Secure Mobile Access portal.
- Select one or more certificates from the All CA certificates list to be added to the Trusted CA certificates list. The All CA certificates list displays all available certificates for the SMA appliance that were imported from the system certificate setting.
- Enter the Username Attribute as CN. This uses the CN attribute of the client certificate as the login username.
- Click Accept to save changes. Next, you need to import the client certificate to your Web browser.
To import the client certificate
Navigate to the Certificate details on your Web browser’s settings.
Select the CA domain. A dialogue window displays. Choose a client certificate to authenticate. Click OK.
The authentication completes if the CA of the client certificate is on the Trusted CA certificates list. If the client certificate is not on the Trusted CA certificates list, the appliance blocks access and displays an error message.
- Next, the client certificate user must be authorized.
To authorize the client certificate
- Navigate to the Portals > Domains window and click the Configure icon for the domain to edit.
- Select Enable group affinity checking.
- Select one of the available domains from the drop-down menu to designate as the Server.
- Click Accept.
Was This Article Helpful?
Help us to improve our support portal