Skip to main content

System Info configuration

Introduction

The System Info tab provides details about SecureAuth IdP's connection to cloud services, certificate authorities, and proxies. This tab does not need to be configured unless a proxy is integrated with SecureAuth IdP, SCEP is used in the environment, or specific preferences require edits to be made.

What's new in SecureAuth IdP version 9.3

The Click to edit Web Config file. link is removed from the Links section for greater security on the SecureAuth IdP appliance. To edit the web.config file, go to D:\SecureAuth\SecureAuth1 on the appliance.

Prerequisites

  • SecureAuth IdP v9.3.

  • SecureAuth IdP realm with the following configured:

    • Overview tab

    • Data tab / Directory integration

    • Workflow tab

    • Multi-Factor Methods tab

    • Post Authentication tab

    • Logs tab

Notice

On the New Experience user interface in version 9.3, you can configure an Active Directory integration or SQL Server integration to be applied to applications made from App onboarding library templates. Configure the remaining components – for example, Workflow, Multi-Factor Methods, and Adaptive Authentication tabs – on the Classic Experience user interface.

For a proxy server to be integrated with SecureAuth IdP

  • Established proxy server up and running.

For SCEP

  • The Issuing CA (Certificate Authority) is running on Windows 2008 R2 Enterprise Edition (or later) to enable SCEP / NDES functionality.

  • The Certification Authority's (root and intermediates) certificate distribution point is available to all clients (internal and / or external) to allow access to the AIA and CDP files (CRT and CRL files).

  • The SCEP / NDES (Network Device Enrollment Service) service is already pre-installed and functional.

  • The SCEP / NDES Listener URL is obtained.

SecureAuth IdP Web Admin - Classic Experience

System Info tab

Steps 1 - 3: Review / configure System Info and Plugin Info sections

1. In the System Info section, the SecureAuth Version number is provided for reference.

2. If necessary, click Decrypt to view the web.config file in its entirety.

47241152.png

3. Plugin information is provided for reference, and no configuration is necessary unless a specific version is required (not typical).

47241151.png

Steps 4 - 6: Complete WSE 3.0 / WCF Configuration section

Step 7: Complete SCEP Configuration section

Step 8: Complete Proxy Server Configuration section

Steps 9 - 11: Complete IP Configuration section

Steps 12 - 23: Review / configure remaining sections

License Info section

12. No configuration is required. The Cert Serial Nbr is typically the same as the Client Cert Serial Nbr in the WSE 3.0 / WCF Configuration section.

47241148.png
Certificate Properties section

13. Select Default from the SAN, DC 1, and DC 2 dropdowns to use the default certificate settings.

Select Custom to customize a SAN, DC 1, or DC 2 property in a certificate.

14. Select No DC 3 from the DC 3 dropdown to eliminate the DC 3 property from the certificate.

Select Hard drive serial number hash to include the DC 3 property as the hard drive serial number hash.

15. Select the hashing algorithm to be used for certificate signing requests from the Certificate Key Identifier dropdown.

47241154.png
Advanced Configuration section

16. Select True from the Force Frame Break Out dropdown to enable SecureAuth IdP pages to break out of iFrame web pages.

47241155.png
User Input Restriction section

NOTE: This section applies only to SQL, ODBC, and Oracle data stores.

17. Set the Max Length for User ID (number of characters).

18. Set the Max Length for Password (number of characters).

19. Set the Max Length for OTP (number of digits).

20. Set the Max Length for KBA (number of characters). If no limit, set to0(default).

21. Create a list of Disallowed Keywords, comma separated.

47241161.png

22. Click Save.

Configuration Back Up Files page

23a. View configuration changes and open backup files.

23b. Use the back arrow on the browser to return to the Links section.

47241162.png
If using a proxy server...