Versions Compared

Old Version 12

changes.mady.by.user Daliya Agletdinova

Saved on

compared with

New Version Current

changes.mady.by.user Daliya Agletdinova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Run the IndeedCM.Server.msi file from the

Axidian CertiFlow

installation package and follow the wizard instructions to complete the installation. Select an access control method for all system applications.

Image Removed

Axidian CertiFlow system consists of the following services:

  • Management console – icm mc web application.
  • Self-service – icmservice ss web application.
  • Remote self-service – icmremote rss web application.
  • Smart card unlock service – credprovapi web application.
  • API service – icmapi api web application.
  • Smart card status monitoring – Card Monitor service, no web application provided.
  • Client Agent services:
    • Agent Registration Service – agentregistrationapi web application.
    • Service for remote task execution – agentserviceapi web application.
Info

Each service has its own configuration files and access settings.

Run the AxidianCertiFlow.Server-<version number>.x64.en-us.msi file from the Axidian CertiFlow installation package and follow the wizard instructions to complete the installation. Select an access control method for all system applications.

Image Added

Scroll Pagebreak

If you select Windows Authentication, the following access control settings will be set: 

  • Authentication:
    • Windows Authentication (other for mc, ss and api applications. Other methods are disabled) for icm, icmservice, icmapi applications
    • Anonymous Authentication (other methods are disabled) for credprovapi for credprovapi, agentregistrationapi , and agentserviceapi applications. Other methods are disabled. 
    • Anonymous Authentication and Forms Authentication for icmremote rss application.
  • SSL Settings:
    • Require SSL for all applications.
    • Client certificates:
      • Ignore for icm for mc, icmapiss, icmremote, icmservicerss, credprovapi,  agentregistrationapi api and agentregistrationapi applications. 
      • Require for agentserviceapi application.

If you select Authentication by user’s personal certificates, the following access control settings will be set: 

  • Authentication:
    • Anonymous Authentication (other methods are disabled) for icm, icmapi, icmservice, credprovapi, agentregistrationapi, agentserviceapi applications.Anonymous Authentication and Forms Authentication (other for all applications. Other methods are disabled) for icmremote application. 
  • SSL Settings:
    • Require SSL – for all applications.
    • Client certificates:
      • Ignorefor credprovapifor rss, icmremotecredprovapi, agentregistrationapi applicationsagentregistrationapi applications.
      • Requiredfor icmfor mc, icmapiss, icmserviceapi, agentserviceapi applications.
Warning

If the users catalog resides in Active Directory, the certificates used for authentication should contain User Principal Name (UPN). Certificates without UPN cannot be used for logging to log in to web applications.

After the system Axidian CertiFlow is installed, you can set SSL settings for each application separately , using the IIS Management Consolein IIS Manager.