Versions Compared

Old Version 2

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version Current

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_workflow_for_techpubs
AUTH1UserResourceIdentifier{userKey=

8a00a0c880e94aad0181077fa2530009

8a00a0c87e188912017e4c24a00e0016, userName='null'}
JIRAIDAUTHSBX-

122871

129092
REV5UserResourceIdentifier{userKey=

8a00a02355cd1c2f0155cd26cb8305e9

8a00a02355cd1c2f0155cd26cd5909df, userName='null'}
REV6UserResourceIdentifier{userKey=

8a00a02355cd1c2f0155cd26cb8305e9

8a00a02355cd1c2f0155cd26cd5909df, userName='null'}
REV3UserResourceIdentifier{userKey=

8a00a0c86573c09001659db4327e0018

8a00a0c8779e4b220177ddd475a50031, userName='null'}
REV1UserResourceIdentifier{userKey=

8a00a0c86268f97a01627564e1480017

8a00a0c8779e4b220177ddd475a50031, userName='null'}

Internal_display_only



Panel

In this section:

Table of Contents
maxLevel2



Info
iconfalse

Related articles:

Children Display



Excerpt

The The 

Spacevars
0series4
 supports interfacing with the common certificate pool. The certificates used for HTTPS are exported from the database to the local disk space. The EMA TLS profile enables the selection of a certificate from the pool. The All Perspective allows importing of new certificates. EMA provides a tool to support certificate upload. The Certificate Upload tool is available under PKI object (System > Security > PKI). Once this action item is selected, an external window is directed to the Certificate Upload Servlet. Two types of files, p12 and pem, are supported.

The

Spacevars
0product
 also supports SHA-256 for certificate verification.

Include Page
SBXDOC121:_OneCertificateSupportSBXDOC121:
_OneCertificateSupport

Note

The user may configure up to three client CA certifications (using separate 'set' commands) for an EMA TLS Profile.

Include Page
_TLS_version
_TLS_version

Warning

PC Java Configuration supports TLS 1.0 only by default. When EmaTlsProfile v1_0 is disabled, the corresponding Java Configuration for TLS support must be enabled. See below example for Windows environment:


Note

After configuring servercert and clientCACert in EmaTlsProfile, an appropriate value must be configured for clientAuthMethod in OAM > EMA to enable client SSL verification.

To enable TLS support in Windows:

  1. Click Start and enter "Java Control Panel" in the Search field.
  2. Launch the Java Control Panel program.
  3. From the Java Control Panel, select Advanced tab.
  4. Check Verify that the "Use TLS 1.1", "Use TLS 1.2", and "Use TLS 1.3" options under Advanced Security Settings section are checked, and click Apply.
  5. Restart your browser for the changes to take effect.


Include Page
SBXDOC121:Beast_AttackSBXDOC121:
Beast_Attack

To View Ema TLS Profile

On the

Spacevars
0series4
 main screen, go to Configuration > System Provisioning > Security Configuration main screen, choose a path:

  • All Profiles > Security > Ema TLS Profile
  • Configuration > Security Configuration > Ema TLS Profile
  • Configuration > Profile Managment > Security Profiles > Ema TLS Profile

 The . The Ema TLS Profile window is displayed.

Figure 1: Security Configuration - Ema TLS Profile

To Edit Ema TLS Profile

To edit any of the Ema TLS Profile in the list, click the radio button next to the specific Ema TLS Profile name.

The Edit Selected Ema Selected Ema TLS Profile window is displayed below.

Figure 2: Security Configuration - Ema TLS Profile Edit Window

Make the required changes and click Save at the right hand bottom of the panel to save the changes made.

To Create Ema TLS Profile

To create a new Ema TLS Profile, click New Ema TLS Profile tab on the Ema TLS Profile List panel.

Figure 3: Security Configuration - Ema TLS Profile Fields

Image Removed

The Create New Ema TLS Profile window is displayed.

Info
titleNote
Note

You can create only one Ema TLS Profile.

Once the entry is created, the Image Removed Create New Ema TLS Profile button disappears from the panel.

Figure 4: Security Configuration -

To create a new Ema TLS Profile, click New Ema TLS Profile tab on the Ema TLS Profile

Create Window

List panel.

The Create New Ema TLS Profile window is displayed.

The following fields are displayed:


Table 1: Ema TLS Profile Parameters:

ParameterDescription
 NameSpecifies the name of the EMA-TLS profile. 
Auth Client

If this field is set to true, the Ema-TLS client is forced to authenticate itself EMA-TLS. The options are:

  • falseFalse
  • trueTrue (default)
Server Cert NameSpecifies the name of the server certificate referred by this EMA-TLS profile. 
Ocsp Profile NameSpecifies the name of the OCSP profile referred by this TLS profile. 
V1_0

TLS protocol version 1.0.

  • disabled 
  • enabled Disabled (default) 
  • Enabled 
V1_1

TLS protocol version 1.1.

  • disabled Disabled (default)
  • enabledEnabled
V1_2

TLS protocol version 1.2.

  • Disabled 
  • disabled Enabled  (default) 
  • enabled
V1_3

TLS protocol version 1.3.

  • Disabled 
  • disabled Enabled (default)enabled

To Delete Ema TLS Profile

To delete any of the created Ema TLS Profile, click the radio button next to the specific Ema specific Ema TLS Profile which you want to delete.

Click Delete at the end of the highlighted row. A delete confirmation message appears seeking your decision.

Click OK to remove the specific Ema TLS Profile from the list.