Adding a secure login profile

By default, the SafeLinx Administrator communicates with the access manager over an unencrypted connection. If you want the connection between the SafeLinx Administrator and the access manager to use transport layer security (TLS) protocols, add a secure login profile to the SafeLinx Administrator.

Before you begin

To use a secure login profile, you must add the root certificate of the SafeLinx Server server to the PKCS12 keystore file on the SafeLinx Administrator. Also, ports 9555 and port 9559 must be available for communication between access manager and the SafeLinx Administrator. If the SafeLinx Server is separated from remote SafeLinx Administrators by a firewall, configure the firewall to allow communication on those ports.

About this task

If no login profiles exist when you start the SafeLinx Administrator, the Login Profile Details window opens automatically. To open the Login Profile Details window, click File > Log In Profiles.

Complete the following procedure to add a secure login profile.

Procedure

  1. Click Add Secure Profile.
  2. Enter a descriptive name of the profile in the Login profile name field. This name describes the host name and port pair that is used to connect to the access manager when you select this login profile.
  3. Enter the destination IP address or host name of the system where access manager is installed in the Host name field.
  4. Select Attempt name resolution if you want to attempt name resolution for the host name in the preceding field automatically when the SafeLinx Administrator initiates a connection. Clear this check box if your network does not have a domain name system (DNS) service, or if the SafeLinx Administrator connects to a multihomed access manager.
  5. Type the port number of the access manager in the Port field. The default value for a secure connection is 9559. The default port number for a nonsecure connection is 9555.
  6. In the PKCS12 keystore file field, type the path and file name to the PKCS12 keystore file. Click Browse to display a filtered view of keystore files.
  7. In the Keystore password field, type the password for the PKCS12 keystore file. The default password is trusted.
  8. Click OK.

    After you change the PKCS12 keystore file, restart the SafeLinx Administrator to activate the change.