Active IQ Unified Manager Discussions

Certificate based authentication in UM 7.3, 9.4

Cavin
2,660 Views

need advise on how to implement this solution, rather than relying having to create local a/c in nas used for adding it to UM for datasource acquisition.

 

 

 

1 REPLY 1

GidonMarcus
2,644 Views

Hi. you mean OCUM access to the cluster with a Client Cert and not a user? if so, i don't think it's possible.

 

Also from sec point. i think that ther's much different if the client cert saved in OCUM getting stolen or a password/api key saved in OCUM getting stolen.

Client cert is mainly useful when you have a token device or a smart card to protect the key. if the cert is unprotected - it's not much different from an unprotected password (well -after a re-think: at least for common attacks. as the private key will also not go over the wire as password do on the authentication. but that goes encrypted channel anyway)

 

Gidi.

Gidi Marcus (Linkedin) - Storage and Microsoft technologies consultant - Hydro IT LTD - UK
Public