Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Public key infrastructure authentication

BMC Server Automation authentication can be based on public key infrastructure (PKI) for users who present a type of smart card known as a common access card (CAC). Through middleware, a BMC Server Automation client can access the appropriate certificate and private key on the smart card to authenticate the user. The current status of a certificate can be verified by contacting an OCSP Responder.

While logging into a BMC Server Automation client, the user must insert a smart card into a card reader and enter a PIN. If the information the user enters is valid and the OCSP Responder verifies the validity of the user's certificate, the Authentication Service issues the client a session credential. At that point a BMC Server Automation client application can use the session credential to establish a secure authenticated session with the Application Service or Network Shell Proxy Service identified by the service URLs in the session credential.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Server Automation 8.3