- Overview
- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Configuring the console
- Setting up the CylancePROTECT agent
- Device management
- Threat management
- Global lists
- Administration
- Managing users
- Managing roles
- Update profile information
- Audit logs
- Managing Certificates
- Setting up email notifications
- Settings
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 1.2.2.1 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- Applications
- CylanceON-PREM API
- Troubleshooting
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
- BlackBerry Docs
- CylanceON-PREM
- Cylance ONPREM Administration Guide
- Administration
- Settings
- Using certificate-based authentication
Using certificate-based authentication
The
CylanceON-PREM
console supports certificate-based authentication when an administrator logs in. You can create other administrators that must use certificate-based authentication and add or remove certificates from the CylanceON-PREM
server. The CA certificates uploaded to the CylanceON-PREM
server specify which client certificates are trusted for access to the console. If the client certificate is trusted by the Certificate Authority, then the user is authenticated and can access the console. During authentication, the server checks for revoked certificates to ensure the certificate has not been revoked. If the certificate has been revoked, the administrator will not be allowed to log in to the console. As a failsafe, the console will not allow you to delete or deactivate all of the local administrator accounts.