Novell IDENTITY AUDIT 1.0 - GUIDE Manual page 43

Open: No authentication is required. Identity Audit does not request, require, or validate a
certificate from the event source.
Loose: A valid X.509 certificate is required from the event source, but the certificate is not
validated. It does not have to be signed by a Certificate Authority.
Strict: A valid X.509 certificate is required from the event source, and it must be signed by a trusted
Certificate Authority. If the event source does not present a valid certificate, Identity Audit does not
accept its event data.
"Creating a Truststore" on page 43
"Importing a Truststore" on page 43
"Server Key Pair" on page 44
Creating a Truststore
For strict authentication, you must have a truststore that contains either the event source's certificate
or the certificate for the Certificate Authority (CA) that signed the event source's certificate. After
you have a DER or PEM certificate, you can create the truststore by using the CreateTruststore
utility that comes with Identity Audit.
1 Log in to the Identity Audit server as novell.
2 Go to /opt/novell/identity_audit_1.0_x86/data/updates/done.
3 Unzip the file audit_connector.zip.
    unzip audit_connector.zip
4 Either copy TruststoreCreator.sh or TruststoreCreator.bat to the machine with the certificates or copy the certificates to the machine with the TruststoreCreator utility.
5 Run the TruststoreCreator.sh utility.
    TruststoreCreator.sh -keystore /tmp/my.keystore -password password1 -certs /tmp/cert1.pem,/tmp/cert2.pem
In this example, the TruststoreCreator utility creates a keystore file called my.keystore that contains two certificates (cert1.pem and cert2.pem) in it. It is protected by the password password1.
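Because strict mode trusts whatever ends up in the truststore, it is worth reviewing the certificate files before step 5. The following pre-flight check is an added example, not part of the Novell guide or the TruststoreCreator utility; the function name preflight_certs is hypothetical and the openssl command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Pre-flight review of the files that will be passed to -certs.
# Usage: preflight_certs /tmp/cert1.pem,/tmp/cert2.pem
# Returns 0 only if every file is a parseable, unexpired X.509 certificate
# with no private key in it. Only the first certificate in a file is checked.
preflight_certs() {
    command -v openssl >/dev/null 2>&1 || { echo "openssl not found" >&2; return 2; }
    rc=0
    old_ifs=$IFS; IFS=,
    for f in $1; do
        IFS=$old_ifs
        if [ ! -r "$f" ]; then
            echo "FAIL $f: missing or unreadable" >&2; rc=1; continue
        fi
        # A truststore holds public certificates only; key material in the
        # input means the wrong file was exported or copied.
        if grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$f"; then
            echo "FAIL $f: contains a private key" >&2; rc=1; continue
        fi
        # The guide accepts DER or PEM input, so try both encodings.
        form=
        for try in PEM DER; do
            if openssl x509 -inform "$try" -in "$f" -noout >/dev/null 2>&1; then
                form=$try; break
            fi
        done
        if [ -z "$form" ]; then
            echo "FAIL $f: not an X.509 certificate" >&2; rc=1; continue
        fi
        # -checkend 0 exits non-zero when the notAfter date has passed.
        if ! openssl x509 -inform "$form" -in "$f" -noout -checkend 0 >/dev/null; then
            echo "FAIL $f: certificate has expired" >&2; rc=1; continue
        fi
        # Show what is about to become trusted so it can be compared with
        # the values supplied by the event source owner.
        echo "OK   $f"
        openssl x509 -inform "$form" -in "$f" -noout \
            -subject -issuer -enddate -fingerprint -sha256
    done
    IFS=$old_ifs
    return $rc
}
```

Call it with the same comma-separated list you give to -certs and compare the printed SHA-256 fingerprints with values obtained from the event source owner before building the truststore. The guide's command passes -password as an argument, so the value is visible in shell history and process listings on that machine.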
Importing a Truststore
For strict authentication, the administrator can import a truststore by using the Import button. This
helps ensure that only authorized event sources are sending data to Identity Audit. The truststore
must include either the event source's certificate or the certificate of the Certificate Authority that
signed it.
The following procedure must be run on the machine that has the truststore on it. You can open a
Web browser on the machine with the truststore or move the truststore to any machine with a Web
browser.
To import a truststore:
1 Log into Identity Audit as an administrator.
2 Click the Collection link at the top of the screen.
3 Click the Configuration link on the right side of the screen.
Data Collection
43
