Adding a secure login profile

By default, the SafeLinx Administrator communicates with the access manager over an unencrypted connection. If you want the connection between the SafeLinx Administrator and the access manager to use transport layer security (TLS) protocols, add a secure login profile to the SafeLinx Administrator.

To use a secure login profile, you must add the root certificate of the SafeLinx Server server to the key database on the SafeLinx Administrator. Also, ports 9555 and port 9559 must be available for communication between access manager and the SafeLinx Administrator. If the SafeLinx Server is separated from remote SafeLinx Administrators by a firewall, configure the firewall to allow communication on those ports.

If no login profiles exist when you start the SafeLinx Administrator, the Login Profile Details window opens automatically. To open the Login Profile Details window, click File > Log In Profiles.

Complete the following procedure to add a secure login profile.

  1. Click Add Secure Profile.
  2. Enter a descriptive name of the profile in the Login profile name field. This name describes the host name and port pair that is used to connect to the access manager when you select this login profile.
  3. Enter the destination IP address or host name of the system where access manager is installed in the Host name field.
  4. Select Attempt name resolution if you want to attempt name resolution for the host name in the preceding field automatically when the SafeLinx Administrator initiates a connection. Clear this check box if your network does not have a domain name system (DNS) service, or if the SafeLinx Administrator connects to a multihomed access manager.
  5. Type the port number of the access manager in the Port field. The default value for a secure connection is 9559. The default port number for a nonsecure connection is 9555.
  6. In the Key database filename field, type the path and file name to the Java keystore that you want to use. Click Browse to display a filtered view of keystore files.
  7. In the Stash password field, type the password for the key database. The default stash password is trusted.
  8. Click OK.

    After you change the key database, restart the SafeLinx Administrator to activate the change.