HID Wallix WAB and CMS User Manual

How to integrate CMS Appliance

Wallix AdminBastion

Version 1.0 | Date 24/04/2012

P 2

Table of Contents

1.0 Introduction ................................................................................................................................................ 3

1.1 Context and objective .......................................................................................................................... 3

3.0 CMS Appliance prerequisites .................................................................................................................... 4

4.0 Certificate generation ................................................................................................................................. 5

5.0 Wallix configuration .................................................................................................................................... 6

5.1 Wallix Prerequisites ............................................................................................................................. 6

5.2 Certificates installation ........................................................................................................................ 6

5.3 Users configuration ............................................................................................................................. 8

5.3.1 Prerequisites .............................................................................................................................. 8

6.0 Synopsis of use ........................................................................................................................................ 10

6.1 Scenario # 1 : Authentication with a smartcard and client certificate in the Sign-Page .................... 10

P 3

1.0 Introduction

This document describes how to configure CMS Appliance and Wallix AdminBastion for a client authentication by certificate and smartcard.

1.1 Context and objective

1. Objectives: a. Provide an integrated way to authenticate users with a smartcard and client certificate in a Wallix

AdminBastion context

2. Prerequisites a. CMS Appliance b. OpenSSL c. Wallix AdminBastion version > 3.x d. Wallix Option “X509” License e. Smartcard issued by CMSA Appliance

P 4

3.0 CMS Appliance prerequisites

Before configuring the Wallix Appliance, it’s necessary to obtain:

1. The root CA certificate (Localized in the Backup Network Share location of the CMS Appliance – for more information, refer to the documentation ActivID_CMS_Appliance_UserGuide.pdf)

2. The root CA password (use the passgen tool localized in the Backup Network Share location of the CMS Appliance – for more information, refer to the documentation ActivID_CMS_Appliance_UserGuide.pdf)

3. The master password used during the CMS installation is mandatory to obtain the CMS CA Keystore:

+ 8 hidden pages