How To: Connector Two Factor Authentication

Avatar
Trent Seed
Follow

Release 4.1 introduces the ability to configure two factor authentication. To take advantage of this new functionality, the following steps must be performed.

  • Generate user certificate
  • Register user certificate via WebUI
  • Configure connector to use 2FA

Generate user certificate

  • Create a user key (user.key)

    openssl genrsa -des3 -out user.key 4096

  • Create a Certificate Signing Request (CSR)

    openssl req -new -key user.key -out user.csr

  • Sign a CSR using CA and generate the user's certificate; Sign the csr to a certificate valid for 365 days (adjust if needed)

    openssl x509 -req -days 365 -in user.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out user.crt

  • Construct a single PEM file with Key and Certificate inside

    cat user.key > user.pem; cat user.crt >> user.pem

Register user certificate via WebUI

Go to your account certificates and upload the generated user certificate (user.pem)

image_copy.jpg

Configure connector to use 2FA

Update connector config to use 2FA

[oomnitza]
url = https://subdomain.oomnitza.com
2fa_ssl_certificate = /path/to/user.pem
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk