Versions Compared

Old Version 11

changes.mady.by.user Mikhail Yakovlev

Saved on

compared with

New Version 12

changes.mady.by.user Daliya Agletdinova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Run the IndeedCM.Server.msi file from the Indeed Certificate Manager Axidian CertiFlow installation package and follow the wizard instructions to complete the installation. During the installation process, you shall be prompted to select a method of Select an access control method for all the system applications.

The Indeed CM Axidian CertiFlow system consists of a number of the following services:

  • Management console – icm web application.
  • Self-service – icmservice web application.
  • Remote self-service – icmremote web application.
  • Smart card unlock service – credprovapi web application.
  • API service – icmapi web application.
  • Smart card status monitoring – Card Monitor service, no web application provided.
  • Client Agent services:
    • Agent Registration Service – agentregistrationapi web application.
    • Service for remote task execution – agentserviceapi web application.
Info

Each service has its own configuration files and access settings.

Scroll Pagebreak

When Windows authentication is selectedIf you select Windows Authentication, the following access control parameters are settings will be set: 

  • Authentication:
    • Windows Authentication (other methods are disabled) for icm, icmservice, icmapi applications
    • Anonymous Authentication (other methods are disabled) for credprovapi, agentregistrationapi, agentserviceapi applications.
    • Anonymous Authentication and Forms Authentication for icmremote application.
  • SSL Settings:
    • Require SSL for all applications.
    • Client certificates:
      • Ignore for icm, icmapi, icmremote, icmservice, credprovapi, agentregistrationapi applications.
      • Require for agentserviceapi application.

When If you select Authentication by user’s personal certificates is selected, the following access control parameters are settings will be set: 

  • Authentication:
    • Anonymous Authentication (other methods are disabled) for icm, icmapi, icmservice, credprovapi, agentregistrationapi, agentserviceapi applications.
    • Anonymous Authentication and Forms Authentication (other methods are disabled) for icmremote application.
  • SSL Settings:
    • Require SSL – for all applications.
    • Client certificates:
      • Ignore – for credprovapi, icmremote, agentregistrationapi applications.
      • Required – for icm, icmapi, icmservice, agentserviceapi applications.
Warning

If the user directory is users catalog resides in Active Directory, then the certificates used for authentication should contain User Principal Name (UPN). The certificates Certificates without UPN cannot be used for logging into in to web applications.

After the system is installed, you can set SSL settings for each application separately, using the IIS Management Console.