| Info |
|---|
This article is valid for Smart ID 20.11 and later. |
This article describes how to set up certificate-based login to Smart ID Identity Manager.
| Note |
|---|
Not yet supported for docker. The article is only relevant for WAR file deployment. |
Prerequisites
| Expand |
|---|
|
A working HTTPS configuration with client authentication on the Tomcat is required. See Configure https for Tomcat. |
...
| Expand |
|---|
| title | Set up authentication profile |
|---|
|
The first step is to set up an authentication profile in Identity Manager Admin: - Follow the instructions in Set up authentication profile in Identity Manager, to set up an authentication profile of any of the following types:
- Client Certificate and LDAP
- Client Certificate and Core Object
- Client Certificate Internal - not recommended in a production environment
- Select the certificate attribute the system shall extract the login information from.
- User Principal Name (UPN): Extracts the information from the SANAttribute "otherName"
- SAN Email (RFC822Name): Extracts the information from the SANAttribute "rfc822Name"
- Subject CN: Extracts the information from the CN field
- Subject Email: Extracts the information from the EMAILADDRESS field
|
...
