CA Strong Authentication UNIX Installation Guide › How to Deploy CA Strong Authentication on a Single System › Post-Installation Tasks › Bootstrapping the System › Perform Bootstrapping Task

Perform Bootstrapping Task

When you first log in to the Administration Console as the Master Administrator (MA), the Summary screen for the Bootstrap wizard screen appears.

Follow these steps:

1. Click Begin to start the process.

   The Change Password screen appears.

2. Specify the Old Password, New Password, Confirm Password, and click Next.

   The Configure Global Key Label screen appears.

3. Specify the Global Key Label, and click Next.

   CA Strong Authentication enables you to use hardware- or software-based encryption for your sensitive data. Irrespective of hardware or software encryption.

   If you use hardware encryption, then this label serves only as a reference (or pointer) to the actual 3DES key stored in the HSM device, and therefore the key label must match the HSM key label. However, in the case of software-based encryption, this label acts as the reference to actual software key in database.

   Important! After you complete the bootstrapping process, you cannot update this key label.

   The Storage Type field indicates whether the encryption key is stored in the database (Software) or the HSM (Hardware).

   The Configure Default Organization screen appears.

4. Under the Default Organization Configuration section, specify the following parameters for the Default Organization:
   • Display Name: The descriptive name of the organization. This name appears on all other Administration Console pages and reports.
   • Administrator Authentication Mechanism: The mechanism that is used to authenticate administrators belonging to the Default Organization. Administration Console supports three types of authentication methods for the administrators to log in:
     • Basic

       If you select this option, then the built-in authentication method that is provided by the Administration Console is used for authenticating the administrators.

     • LDAP User Password

       If you select this option, then the administrators are authenticated using their credentials that are stored in the directory service.

     Note: If this mechanism is used for authenticating administrators, then deploy UDS by performing the procedure described in "Deploying User Data Service".

     • CA Strong Authentication User Password

       If you select the CA Strong Authentication User Password option here, then the credentials are issued and authenticated by the Server.

     Note: See CA CA Strong Authentication Administration Guide for more information about how to do this.

5. Under the Key Label Configuration section of the Configure Default Organization screen, specify the following:
   • Use Global Key: This option is selected by default. Deselect this option if you want to override the Global Key Label you specified in the preceding step and specify a new encryption label.
   • Key Label: If you deselected the Use Global Key option, then specify the new key label that you want to use for the Default Organization.
   • Storage Type: This field indicates whether the encryption key is stored in the database (Software) or the HSM (Hardware).
6. Click Finish to complete the bootstrapping process.

   The Administration Console initialization is completed, as indicated in the Finish screen.

7. Click Continue to proceed with other configurations using the Administration Console.