- BlackBerry AtHoc set up and administration overview
- Manage organizations
- Configure BlackBerry AtHoc settings
- Configure basic settings
- Manage system settings
- Specify system settings options
- Add or remove a disclaimer for the BlackBerry AtHoc management system
- Security policy settings
- Define password rules
- Configure password complexity
- Enforce a system-wide password update
- Revoke operator permissions automatically
- Set session timeout and continue session values
- Limit active sessions
- Enable operator login using smart cards
- Require operator login using smart cards
- Enable SSO certificate revocation list checking
- Import a service provider certificate
- Enable CAPTCHA validation
- Monitor system health
- View the diagnostic log
- View geolocation transactions and logs
- Database archiving
- Organizations Manager
- Enable and disable features
- Manage the agents for integrated devices
- Provision applications that can call the web API
- Configure API throttling settings
- View the operator audit trail
- Manage system jobs
- Purge ended alerts
- Manage SMS Opt-In
- Configure device gateways
- Configure devices overview
- Configure devices
- Enable and disable devices
- Set device delivery priority
- Add a device to the user details contact information
- Manage mass communication devices
- Mass device types and categories
- Create a mass device endpoint
- View and edit device details
- Configure Giant Voice devices
- Configure the AtHoc Connect organization network
- Manage the Cloud Services Gateway
- Configure RSS feed information for RSS and Atom content feeds
- Configure XML feed information for mass communication devices
- Configure failover delivery gateways
- Manage a TTY/TDD phone device
- Manage a pager device
- Configure desktop app settings
- BlackBerry AtHoc Customer Support Portal
- Documentation feedback
- Legal notice
- BlackBerry Docs
- BlackBerry AtHoc
- 7.15
- System Administrator Configuration Guide
- Manage system settings
- Security policy settings
- Enable SSO certificate revocation list checking
Enable SSO certificate revocation list checking
When Single Sign-On (SSO) is enabled for your organization, a Certificate Revocation List (CRL) is maintained. A CRL is a list of digital certificates that have been revoked and should not be trusted. If CRL checking is enabled,
BlackBerry AtHoc
checks the CRL before initiating a Security Assurance Markup Language (SAML) authentication request to an identity provider (IDP) or after receiving an SAML response from the IDP.- In the navigation bar, click
. - In theSystem Setupsection, clickSecurity Policy.
- In theSSO CRL (Certificate Revocation List) Settingssection, select theEnable CRL Checkingoption.If theSSO CRL (Certificate Revocation List) Settingssection is not visible, SSO is not enabled. For information about enabling SSO, see "Enable single sign-on" in theBlackBerry AtHocManage Users Guide.
- In theCRL Timeout Intervalfield, enter the number of seconds to allow for certificate validation information to be retrieved from the Certificate Authority (CA). The minimum is 1 and the maximum is 60 seconds. The default is 20 seconds.
- Optionally, select theIgnore Verification Errorsoption. This option is selected by default. When selected, any error that occurs during CRL verification is added to the diagnostic log. This option does not interrupt the SSO authentication flow. If this option is not not selected, when CRL verification fails, the user is redirected to an error page.
- ClickSave.