By using the Protocol Configuration page, you can configure the protocols that Administration Console, SDKs, and Web Services use to communicate with an AuthMinder Server instance for credential management, authentication, and administration purposes. You can also use this page to configure the port on which the server instance listens for each protocol.
The following table explains the protocols that are listed on the Protocol Configuration page and gives their default port numbers:
| Protocol | Default Port Number | Description |
|---|---|---|
| Administration Web Services | 9745 | This protocol is used to manage SAML, ASSP, profile and policy configurations. |
| ASSP | 9741 | Adobe Signature Service Protocol (ASSP) is used with Adobe Reader and Adobe Acrobat to authenticate users for server-side digital signing of the PDF documents. |
| RADIUS | 1812 | This is a RADIUS listener protocol that is used to extend AuthMinder capability to support the Remote Authentication Dial In User Service (RADIUS) protocol. Note: When configured to support RADIUS, AuthMinder Server acts as a RADIUS server. |
| Server Management Web Services | 9743 | The Administration Console and the arwfutil tool communicate to the AuthMinder Server instance for server management activities by using this protocol. |
| Transaction HTTP | 9746 | This protocol receives HTTP data. It is used for ArcotID OTP provisioning and ArcotID PKI key bag management operations. Note: This protocol does not expose other generic AuthMinder operations. |
| Transaction Native | 9742 | This is a binary AuthMinder protocol for issuance and authentication. This protocol is used by Issuance and Authentication Java SDKs. |
| Transaction Web Services | 9744 | This protocol receives Web services requests that are sent by Authentication and Issuance Web services. |

To configure AuthMinder network protocols:
Note: The data that is displayed on the Instance Statistics page (see "Monitoring Instance Statistics") depends on the parameters that are configured on this page.
Under the Instance Configurations section, click the Protocol Management link to display the Protocol Configuration page.
The page to configure the specific protocol appears.
| Field | Description |
|---|---|
| Protocol Status | Indicates whether the protocol is Enabled or Disabled. |
| Change Protocol Status / Action | Select the Change the Protocol Status option to enable the Action list and then select the new status from the Action drop-down list. Note: The Server Management protocol cannot be disabled. Therefore, these options are not displayed for this protocol. |
| Port | Enter the port number where the protocol service will be available. |
| Maximum Allowed Request Size (in KB) | Specify the maximum size of the request that can be sent to the AuthMinder Server. If the input size exceeds this value, then the request is not processed by the AuthMinder Server. Note: By default, there is no limit on the input request size. |
| Minimum Threads | Specify the minimum number of threads to be maintained between the client and the AuthMinder Server. |
| Maximum Threads | Specify the maximum number of threads that can exist between the client and the AuthMinder Server. |
| Note: The following fields are not applicable to the RADIUS protocol. | |
| Thread Threshold | Specify the threshold as a percentage of the maximum number of threads. Any additional requests over the threshold percentage of maximum threads will be closed immediately after serving the request. For example, if Maximum Threads is 128 (the default) and Thread Threshold is 90%, the threads that are established beyond 115 will be served and closed immediately. |
| Client Idle Timeout (in Seconds) | Enter the interval, in seconds, for which the AuthMinder Server waits for a request from the client before closing the connection. |
| Connection Keep Alive | Enable this option if you want the client to retain the connection even after the request is processed. The connection is closed when the connection duration is equal to the Client Idle Timeout (in Seconds) period. |
| Transport | Specify the mode for data transfer. The supported values are: |
| Key in HSM | Select this check box if the private key for the SSL communication needs to be in the HSM device. In this case, the AuthMinder Server will find the private key based on the certificate chain provided. |
| Certificate Chain (in PEM Format) | Upload the server certificate chain by using the respective Browse button in the corresponding field. Note: This field is available only if you select the Key in HSM option. |
| P12 File Containing Key Pair | Upload the public and private key pair of the server certificate by using the respective Browse button in the corresponding field. |
| P12 File Password | The password corresponding to the P12 file. |
| Select Client Store | Select the trust store that contains the root certificates of the trusted CAs. See "Creating Trust Stores" for more information about how to configure a trust store. Note: This field is applicable only for two-way SSL communication. |

Note: Configure each protocol individually.
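
The cross-field rules in the field table above can be checked mechanically before the settings are entered for each protocol; the following is an added example, not CA's code. The dictionary keys are hypothetical names for the console fields, and the `ssl` and `two_way_ssl` flags stand in for the Transport value, because the page defines no export format; `close_after_serving_from` works the Thread Threshold example.

```python
from math import floor

SERVER_MGMT = "Server Management Web Services"

def close_after_serving_from(max_threads, threshold_pct):
    """Thread count above which a connection is served once, then closed."""
    return floor(max_threads * threshold_pct / 100)

def lint_protocols(protocols):
    """Return (protocol, finding) pairs for settings that break the field rules."""
    out = []
    for name, c in protocols.items():
        if not c.get("enabled", True):
            if name == SERVER_MGMT:
                out.append((name, "Server Management cannot be disabled"))
            continue
        if c.get("max_request_kb") is None:
            out.append((name, "no request size limit (the default)"))
        if c["min_threads"] > c["max_threads"]:
            out.append((name, "Minimum Threads exceeds Maximum Threads"))
        if name == "RADIUS":
            continue  # the remaining fields do not apply to RADIUS
        if not 0 < c["threshold_pct"] <= 100:
            out.append((name, "Thread Threshold must be a percentage"))
        if not c.get("ssl"):
            continue
        if c.get("key_in_hsm"):
            # With the key in the HSM, the server locates it via the chain.
            if not c.get("cert_chain_pem"):
                out.append((name, "Key in HSM set but no certificate chain"))
        elif not (c.get("p12_file") and c.get("p12_password")):
            out.append((name, "SSL needs a P12 key pair and its password"))
        if c.get("two_way_ssl") and not c.get("client_store"):
            out.append((name, "two-way SSL set but no client trust store"))
    return out

# Constructed sample; ports are the defaults from the protocol table.
SAMPLE = {
    SERVER_MGMT: {"enabled": False, "port": 9743},
    "Transaction Web Services": {
        "port": 9744, "max_request_kb": None, "min_threads": 32,
        "max_threads": 128, "threshold_pct": 90, "ssl": True,
        "key_in_hsm": True, "cert_chain_pem": None,
        "two_way_ssl": True, "client_store": None},
    "RADIUS": {"port": 1812, "max_request_kb": 64,
               "min_threads": 200, "max_threads": 128},
}

if __name__ == "__main__":
    for proto, finding in lint_protocols(SAMPLE):
        print(f"{proto}: {finding}")
```
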

Copyright © 2013 CA. All rights reserved.