How to integrate CMS Appliance
&
Wallix AdminBastion
Version 1.0 | Date 24/04/2012
External Use | 4/24/2012 | © 2012 ActivIdentity
Table of Contents
1.0 Introduction ................................................................................................................................................ 3
1.1 Context and objective .......................................................................................................................... 3
3.0 CMS Appliance prerequisites .................................................................................................................... 4
4.0 Certificate generation ................................................................................................................................. 5
5.0 Wallix configuration .................................................................................................................................... 6
5.1 Wallix Prerequisites ............................................................................................................................. 6
5.2 Certificates installation ........................................................................................................................ 6
5.3 Users configuration ............................................................................................................................. 8
5.3.1 Prerequisites .............................................................................................................................. 8
6.0 Synopsis of use ........................................................................................................................................ 10
6.1 Scenario # 1 : Authentication with a smartcard and client certificate in the Sign-Page .................... 10
External Use | 4/24/2012 | © 2012 ActivIdentity
1.0 Introduction
This document describes how to configure CMS Appliance and Wallix AdminBastion for a client authentication by
certificate and smartcard.
1.1 Context and objective
1. Objectives:
a. Provide an integrated way to authenticate users with a smartcard and client certificate in a Wallix
AdminBastion context
2. Prerequisites
a. CMS Appliance
b. OpenSSL
c. Wallix AdminBastion version > 3.x
d. Wallix Option “X509” License
e. Smartcard issued by CMSA Appliance
External Use | 4/24/2012 | © 2012 ActivIdentity
3.0 CMS Appliance prerequisites
Before configuring the Wallix Appliance, it’s necessary to obtain:
1. The root CA certificate (Localized in the Backup Network Share location of the CMS Appliance – for
more information, refer to the documentation ActivID_CMS_Appliance_UserGuide.pdf)
2. The root CA password (use the passgen tool localized in the Backup Network Share location of the
CMS Appliance – for more information, refer to the documentation
ActivID_CMS_Appliance_UserGuide.pdf)
3. The master password used during the CMS installation is mandatory to obtain the CMS CA Keystore: