User registration using enterprise CA or self-signed CA
Using Enterprise Certificate Authority (CA) or self-signed CA
Certificate authentication offers stronger security by mutually authenticating the IMPACT and callback application.When the user registration is initiated from IMPACT using self-signed CA/enterprise CA, the IMPACT checks with the CA if the callback is valid. Once the identity of the callback is validated with each other, the user registration operation can proceed.
Java Keystore
The Java Keystore (JKS) is a repository that provides details on the following
items:
- The Certificate for the system.
- Private key of the system.
- The certificate chain (path to CA or subCA)
Configuring Keystore
To enable this functionality in IMPACT, you can use self-signed CA or enterprise CA.
To set up the Keystore details, configure the following parameters in values.yaml file:
agentServerTrustStoreFile:
agentServerTrustPassword:
Example configuration:
agentServerTrustStoreFile: "cert.jks"
agentServerTrustPassword: "impact"
Certificate path
Note: The certificate has to be placed within the impact-dc
directory path where the values.yaml file is
present.
[root@ramncs20fp2-control-01 charts]# ls
cdp cigserver impactbilling impact-dc impactsubscriptionrepo jsms lwm2mserver mqttadapter mqttsnadapter radiusserver sgiserver smsconnector
[root@ramncs20fp2-control-01 charts]# cd impact-dc/
[root@ramncs20fp2-control-01 impact-dc]# ls
cert.jks Chart.yaml config grafana templates values.yaml
For more information on parameters in values.yaml file, see Sample values.yaml file for JKS in IMPACT IoT Installation Guide.