System Info configuration
Introduction
The System Info tab provides details about SecureAuth IdP's connection to cloud services, certificate authorities, and proxies. This tab does not need to be configured unless a proxy is integrated with SecureAuth IdP, SCEP is used in the environment, or specific preferences require edits to be made.
What's new in SecureAuth IdP version 9.3
The Click to edit Web Config file. link is removed from the Links section for greater security on the SecureAuth IdP appliance. To edit the web.config file, go to D:\SecureAuth\SecureAuth1 on the appliance.
Prerequisites
SecureAuth IdP v9.3.
SecureAuth IdP realm with the following configured:
Overview tab
Data tab / Directory integration
Workflow tab
Multi-Factor Methods tab
Post Authentication tab
Logs tab
Notice
On the New Experience user interface in version 9.3, you can configure an Active Directory integration or SQL Server integration to be applied to applications made from App onboarding library templates. Configure the remaining components – for example, Workflow, Multi-Factor Methods, and Adaptive Authentication tabs – on the Classic Experience user interface.
For a proxy server to be integrated with SecureAuth IdP
Established proxy server up and running.
For SCEP
The Issuing CA (Certificate Authority) is running on Windows 2008 R2 Enterprise Edition (or later) to enable SCEP / NDES functionality.
The Certification Authority's (root and intermediates) certificate distribution point is available to all clients (internal and / or external) to allow access to the AIA and CDP files (CRT and CRL files).
The SCEP / NDES (Network Device Enrollment Service) service is already pre-installed and functional.
The SCEP / NDES Listener URL is obtained.
SecureAuth IdP Web Admin - Classic Experience
System Info tab
Steps 1 - 3: Review / configure System Info and Plugin Info sections
1. In the System Info section, the SecureAuth Version number is provided for reference.
2. If necessary, click Decrypt to view the web.config file in its entirety.
3. Plugin information is provided for reference, and no configuration is necessary unless a specific version is required (not typical).
Steps 4 - 6: Complete WSE 3.0 / WCF Configuration section
Step 7: Complete SCEP Configuration section
Step 8: Complete Proxy Server Configuration section
Steps 9 - 11: Complete IP Configuration section
Steps 12 - 23: Review / configure remaining sections
License Info section
12. No configuration is required. The Cert Serial Nbr is typically the same as the Client Cert Serial Nbr in the WSE 3.0 / WCF Configuration section.
Certificate Properties section
13. Select Default from the SAN, DC 1, and DC 2 dropdowns to use the default certificate settings.
Select Custom to customize a SAN, DC 1, or DC 2 property in a certificate.
14. Select No DC 3 from the DC 3 dropdown to eliminate the DC 3 property from the certificate.
Select Hard drive serial number hash to include the DC 3 property as the hard drive serial number hash.
15. Select the hashing algorithm to be used for certificate signing requests from the Certificate Key Identifier dropdown.
Advanced Configuration section
16. Select True from the Force Frame Break Out dropdown to enable SecureAuth IdP pages to break out of iFrame web pages.
User Input Restriction section
NOTE: This section applies only to SQL, ODBC, and Oracle data stores.
17. Set the Max Length for User ID (number of characters).
18. Set the Max Length for Password (number of characters).
19. Set the Max Length for OTP (number of digits).
20. Set the Max Length for KBA (number of characters). If no limit, set to0(default).
21. Create a list of Disallowed Keywords, comma separated.
22. Click Save.
Links section
23. Click Click to view Web Config Backups to view backups and see modifications that have been made.
Configuration Back Up Files page
23a. View configuration changes and open backup files.
23b. Use the back arrow on the browser to return to the Links section.