Chapter 4: Configuring NSP security

Overview

Purpose

This chapter describes fundamental NSP system security elements, and includes important information that you must consider as you deploy an NSP system or component.

For additional NSP security information such as post-deployment configuration, see the NSP Security Hardening Guide or the NSP System Administrator Guide.

Contents

Overview

NSP security introduction

NSP user accounts

HTTPS Strict-Transport Security (HSTS)

NSP user authentication

Introduction

OAUTH2 mode

CAS mode

NSP Transport Layer Security (TLS)

Implementation and requirements

Configuring TLS for the NSP

NSP TLS configuration

To generate custom TLS certificate files for the NSP

To configure and enable a PKI server

To migrate to a PKI server

To reset the OpenSearch security configuration

To enable TLS communication with the NFM-P using the NFM-P certificate

To suppress security warnings in NSP browser sessions

NFM-P TLS configuration

To configure an NFM-P main server to request a PKI-server TLS certificate

To configure an NFM-P auxiliary server to request a PKI-server TLS certificate

To enable or disable TLS on an auxiliary database

To disable TLS for NFM-P XML API clients

To enable TLS for NFM-P XML API clients