Enabling password authentication, Enabling client certificate authentication, Configuring the user account lockout settings – HP Secure Key Manager User Manual
Page 69: 69 enabling client certificate authentication, 69 configuring the user account lockout settings
Enabling password authentication
To enable password authentication:
1.
Log in to the Management Console as an administrator with KMS Server access control.
2.
Navigate to the KMS Server Authentication Settings section of the KMS Server Configuration
page (Device > KMS Server > KMS Server).
3.
Click Edit.
4.
Select Required in the Password Authentication field.
5.
Click Save.
Enabling client certificate authentication
To enable client certificate authentication:
1.
Log in to the Management Console as an administrator with KMS Server access control.
2.
Navigate to the KMS Server Authentication Settings section of the KMS Server Configuration
page (Device > KMS Server > KMS Server).
3.
Click Edit.
4.
Select either Used for SSL Session only or Used for SSL session and username in the Client
Certificate Authentication field.
5.
Select a profile list in the Trusted CA List Profile field. The server will use this profile when verifying
that the client certificate is signed by a CA trusted by the SKM.
6.
Use the Username Field in Client Certificate field to specify which field in the client certificate must
contain a valid username. This setting is optional.
7.
Select Require Client Certificate to Contain Source IP to specify that the client certificate must
contain the client's IP address in the subjectAltName field. This setting is optional.
8.
Click Save.
Configuring the user account lockout settings
To configure the user account lockout settings:
1.
Log in to the Management Console as an administrator with KMS Server access control.
2.
Navigate to the User Account Lockout Settings section of the KMS Server Configuration page
(Device > KMS Server > KMS Server).
3.
Click Edit.
4.
Select Enable Account Lockout to prevent a user from logging in to the server for a given duration
after a specified number of failed login attempts.
5.
Enter a value in the Number of Failed Authentication Attempts Before Account Lockout field.
6.
Enter a value in the Account Lockout Duration field. This is the period of time during which the
account is not available during lockout.
7.
Click Save.
Secure Key Manager
69