CA Risk Authentication Windows Installation Guide › Perform the Bootstrapping Tasks

Perform the Bootstrapping Tasks

Bootstrapping is a wizard-driven process that walks you through these setup tasks. Other administrative links are enabled only after you perform the bootstrapping tasks.

Before you proceed with Performing Bootstrapping Tasks, you must understand the related concept of Default Organization.

Default Organization

When you deploy the Administration Console, an organization is created automatically. This organization is referred to as Default Organization (DEFAULTORG). As a single-organization system, the Default Organization itself can be used without creating any other organizations.

Before you start using the Administration Console to manage CA Risk Authentication, perform the following mandatory tasks to initialize bootstrapping the system:

• Change the default Master Administrator password
• Configure the Global Key label
• Specify the configuration settings for the out-of-the-box organization

Follow these steps:

1. Click Begin.
2. Enter the Current Password, New Password, Confirm Password, and click Next.
3. Enter the following fields:

   Global Key Label.

   Specifies encryption key used for encrypting user and organization data, irrespective of hardware or software encryption. CA Risk Authentication enables you to use hardware- or software-based encryption of your sensitive data. You can enable hardware-based encryption by using the arcotcommon.ini file, while software-based encryption is enabled by default. If you are using hardware encryption, then this label serves only as a reference (or pointer) to the actual 3DES key stored in the HSM device, and therefore must match the HSM key label. In case of software-based encryption, this label acts as the key.

   Caution: After you complete the bootstrapping process, you cannot update this key label.

   Storage Type

   Specifies the option to indicate whether the encryption key is stored in the database (Software) or the HSM (Hardware).

4. Click Next to continue.
5. Enter the following parameters for the Default Organization, and click Next:

   Display Name

   Specifies the descriptive name of the organization. This name appears on all other Administration Console pages and reports.

   Administrator Authentication Mechanism:

   Specifies the mechanism that is used to authenticate administrators who belong to the Default Organization. Administration Console supports three types of authentication methods for the administrators to log in and they are as follows:

   LDAP User Password

   Specifies the administrators are authenticated by using their credentials that are stored in the directory service.

   If this mechanism is used for authenticating administrators, then deploy UDS as discussed in Deploying User Data Service (UDS).

   Basic

   Specifies the built-in authentication method that is provided by Administration Console is used for authenticating the administrators.

   WebFort Password

   Specifies the credentials are issued and authenticated by the CA Strong Authentication Server. To use this option, install CA Strong Authentication.

   For information about installing and configuring CA Strong Authentication, see the CA Strong Authentication Installation and Deployment Guide.

6. Enter the following information, and click Next:

   Use Global Key

   Specifies the selected option by default. Deselect this option if you want to override the Global Key Label you specified in the preceding step, and then specify a new label for encryption.

   Key Label

   Specifies the new key label that you want to use for the Default Organization, if you deselected the Use Global Key option.

   Storage Type

   Indicates whether the encryption key is stored in the database (Software) or the HSM (Hardware).

7. Click Finish.
8. (Optional) Click Continue to proceed with other configurations by using Administration Console.