Documentation

 

 

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Updated: September 28October 9, 2020

 In an effort to improve and modernize SecureAuth cloud services, as well as improve the performance of the SecureAuth IdP appliances, we are phasing out a legacy protocol used to communicate with SecureAuth cloud services, effective January 1, 2021.

...

In the Admin console, go to the System Info tab of each realm. The WSE 3.0 / WCF Configuration section contains URLs that connect the realm to SecureAuth cloud services. If all realms are HTTPS , then there is nothing to change. 


If any URLs are HTTP, then you must update the URLs and the WSE setting:

On the SecureAuth cloud services documentation page, the recommended URLs and configuration settings are documented. In short, all URLs must be set to HTTPS. And remove the suffix: /msg.

For example, if your SMS service is set to use Message level encryption, the

...

existing URL might look like this:

http://us-cloud.secureauth.com/SmsService/SMS.svc/msg

Change the new URL to:

...

https://us-cloud.secureauth.com/SmsService/SMS.svc

...

  (change to https and remove the /msg)

...


The Use WSE field setting for all URLs must be set to False when the URL is changed from

...

HTTP to HTTPS.


Change the certificate URL

Existing certificate URL:

https://us-cloud.secureauth.com/CertService/Cert.svc

Change to:

https://us-certs.secureauth.com/CertService/Cert.svc

If you are using https://nge-cloud.secureauth.com/CertServiceRSA/Cert.svc, there is no need to make a change. 

What are the considerations?

Make sure you have outbound firewall or proxy rules that allow for HTTPS communication on port 443 to the following IP addresses:

Code Block
languagetext
themeConfluence
34.212.120.216

...


34.215.233.46

...


35.170.216.14

...


35.172.189.69

...


35.172.253.27

...


52.39.105.166

...


52.43.188.66

...


52.70.56.97

...


146.88.110.112

...


146.88.110.114

...


146.88.110.98

...


162.216.42.101

...


162.216.42.110

...


162.216.42.111

...


208.74.31.114

...


208.82.207.89

As with any change to a mission critical production system, take a snapshot or other backup before making the changes.  If you have a non-production test SecureAuth IdP appliance, make the changes on that system first, and thoroughly test before changing your production system.

...