The following describes how to add a new client certificate user account for the Software Appliance. Adding a new user account also allows you to remove the Initial OTP User to avoid security concerns.
You need to add at least one trusted CA (Certificate Authority) and the corresponding certificate before you can use a Client Certificate account.
Proceed as follows to create a new User Account for the Software Appliance:
- Log in to your Software Appliance and open the Access page.
In the section User Accounts click Add User Account.
- The corresponding form will open. Enter the required information.
- For Authentication Type, select the option Client Certificate.
- In Certificate Details the X.509 Match Type is already preselected.
Default in the list and recommended match type is the Certificate serial number.
- Specify the Match Value for the selected Match Type.
Click Add User Account to confirm your entries. The new User appears in the list of User Accounts.
Since the virtualization platform is often managed by a different person than the Software Appliance, you should remove the Initial OTP user once you have created a new user account in order to avoid security issues. As you are currently logged in with the Initial OTP user account, you need to re-login using the newly added user account before removing the initial account.
- Log out and then log back in with the newly created user account.
- Remove the Initial OTP user to avoid security issues, see Step 2 - Remove the OTP User.