This space contains documentation for TrueSight Server Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Server Automation 8.9.

Public key infrastructure authentication

TrueSight Server Automation authentication can be based on public key infrastructure (PKI) for users who present a type of smart card known as a common access card (CAC). Through middleware (ActiveClient or 90meter), a TrueSight Server Automation client can access the appropriate certificate and private key on the smart card to authenticate the user. The current status of a certificate can be verified by contacting an OCSP Responder.

While logging into a TrueSight Server Automation client, the user must insert a smart card into a card reader and enter a PIN. If the information the user enters is valid and the OCSP Responder verifies the validity of the user's certificate, the Authentication Service issues the client a session credential. At that point a TrueSight Server Automation client application can use the session credential to establish a secure authenticated session with the Application Service or Network Shell Proxy Service identified by the service URLs in the session credential.

Was this page helpful? Yes No Submitting... Thank you