Previous Topic: Create CA Configuration Automation Users in CA EEMNext Topic: Enable Client Authentication in CA Configuration Automation

Administering CA Configuration AutomationConfiguration SettingsCreating and Managing Security CertificatesConfigure X.509 Certificate AuthenticationEnable Client Authentication in CA EEM

Enable Client Authentication in CA EEM

The client authentication in CA Configuration Automation requires that you enable the client authentication (known as the certificate validation) in CA EEM.

Follow these steps:

  1. Copy %CCA _installation%\lib\“tomcat.keystore” from your CCA Server to the following EEM Server location: 
    %EmbeddedEntitlementsManager%\ca
  2. Log in to CA EEM, click the Configure tab, click the EEM Server link, and click the Certificate Validation link in the left pane.

    The Certificate Validation page opens in the right pane.

  3. Select the Enable Certificate Validation option, then complete the following fields:
    Keystore File Location

    Defines the location of the keystore file on the EEM Server.

    Keystore Password

    Defines the password to use when creating the certificate authority.

  4. Select Subject from the User Mapping Field drop-down list.
  5. To retrieve the user name from the certificate, provide the following pattern in the Username Extraction Pattern field: 
    CN=([^,]*)
  6. Create a user that corresponds with each client certificate. The user name must be the same as the user name used when you created the client certificate.
  7. Stop and restart the EEM Server.

    The client authentication is enabled on the EEM Server.