Till now i have created my some unique user accounts for my team members and gave admin access to login Policy manager. But i observed there is an option called Certificate in after user creation template. I don't want the user to access my policy manager with by using just user credentials even though he/she has the admin privileges.
I want to upload his/her certificate while creating the user account and then by using CN name only he would able to access.
Could you please let me know how can i achieve this.
Below is links to our documentation that I feel should cover your question. One the user properties go to the certificate tab and click the Import button and then complete the Add Certificate Wizard.
Creating a federated user: Creating a Federated User - CA API Gateway - 9.0 - CA Technologies Documentation
Federated user properties: Federated User Properties - CA API Gateway - 9.0 - CA Technologies Documentation
But i don't need to use Federated User. I am looking for using IIP(Internal Identity Provider) to restrict the user to use only CN for accessing the policy manager.
How can i achieve this?
Simply just attach a certificate to your users in the IIP certificate properties tab.
Just pay attention that, by default, certificate authentication will be prefered to login/password for authenticating via Policy Manager
I have created the certificate(PKCS12) format in policy manager and saved the certificate with .crt then tried to login with that certificate but it is giving me invalid certificate error.
Could you please clarify me if i did anything wrong. I followed the below for creating the certificate.
1. Logged in with user account --> Manage private keys --> Created and imported the private key and respected certificate to my local system
2. Created the user under IIP and then imported the certificate into user account
3. Logout policy manager from the user account
4. Imported the certificate for using certificate to login policy manager but it failed.
I fixed the issue. Initially the account was with different name and certificate CN name is different due to which i was unable to login by using certificate. Now i created with the same names.
I can able to login successfully. Thanks for your help.
Glad to read that your issue is fixed rajasekhar33