![]() ![]() ![]() OCSP is a certificate validation protocol that is used to get the revocation status of a certificate. A CRL is a list of revoked certificates published by the CA that issued the certificates. Certificate revocation checking with certificate revocation lists (CRLs) and with the Online Certificate Status Protocol (OCSP) is supported. Certificates are often revoked when a user leaves an organization, loses a smart card, or moves from one department to another. You can configure certificate revocation checking to prevent users who have their user certificates revoked from authenticating. Unified Access Gateway uses a SAML assertion to communicate information about the end user's X.509 certificate and the smart card PIN to the Horizon server. In the basic deployment model, Unified Access Gateway is typically deployed in the DMZ network, behind a load balancer. Both configurations support load-balancing for high availability and SSL/TLS offloading. With this feature, smart card certificate authentication is performed against the Unified Access Gateway service. Unified Access Gateway offers basic and cascade-mode architecture models for deployment. End users can use smart cards for logging in to a remote Horizon desktop operating system and to access smart-card enabled applications, such as an email application that uses the certificate for signing emails to prove the identity of the sender. Smart card authentication provides two-factor authentication by verifying both what the person has (the smart card) and what the person knows (the PIN). inWebo MFA can be enabled as an authentication layer combined with VMware Unified Access Gateway (UAG) to verify users identities before they access the. You can configure x509 certificate authentication in Unified Access Gateway to allow clients to authenticate with certificates on their desktop or mobile devices or to use a smart card adapter for authentication.Ĭertificate-based authentication is based on what the user has (the private key or smart card), and what the person knows (the password to the private key or the smart card PIN).
0 Comments
Leave a Reply. |