Configuring Zoomdata to Support Client Certificate Authentication
Zoomdata v2.2 and newer versions support X.509 client certificate authentication. However, note that auto-provisioning of user accounts is not available for client certificate authentication.
To use the X.509 authorization you need to:
- Enable the X.509 option in the Security Services section
Configure the required properties in the
Zoomdata does not support auto-provisioning of user accounts for client certificate authentication.
For guidance on accessing and editing a Zoomdata property file, refer to the article Managing Configurations in Zoomdata .
Add the following settings to your
For each user, create an user account in Zoomdata with the username set to the 'CN' in the user's certificate.
Challenges you may run into:
User is never prompted to select a certificate:
- Make sure you have added at least one CA to the trust-store file.
- Verify server.ssl.client-auth is set to want.
Clicking login brings me back to the login page:
- Make sure the username matches the CN of the certificate being used.
- Make sure the client certificate is signed by a CA in the trust-store.