Signing in with a certificate rises the security level of information security of the system.
If the certificate is bound to a user profile, it is only possible to sign from the computer to which the profile is tied.
It is possible to sign in ELMA with a certificate only through Mozilla Firefox and Internet Explorer.
Binding a certificate to a user account
To log in with certificate, you first need to bind it to your user account. For that, first log in with a login and password, then open your profile and in the User Management section click on Bind certificate (fig. 1).
|
Fig. 1. User Profile. "Link certificate"
|
Attention!
If a Certification Center is specified in Security Settings, only certificates approved by this certification center can be bound to a user account.
|
Working with certificates in Mozilla Firefox and Internet Explorer differs, so there are specific instructions for each browser.
Mozilla Firefox
When you click Bind certificate, a confirmation window will open (fig. 2). In the drop-down list, select the required certificate and click OK.
The drop-down list contains all the certificates stored in the computer from which you are trying to log in at the moment.
|
Fig. 2. Confirmation window
|
If the certificate is bound successfully, you will see a respective notification (fig. 3).
|
Fig. 3. Notification about successful certificate registration
|
Internet Explorer
To manage certificates in Internet Explorer you will need to use the CAPICOM component. In case you do not have it installed, when you click on Bind certificate, your browser will notify you and install it automatically.
After you click on Bind certificate, a window opens, listing all the certificate stored in the computer from which you are trying to log in. Select the required certificate and click Bind (fig. 4).
|
Fig. 4. Certificate selection window
|
If the certificate is bound successfully, you will see a respective notification (fig. 5).
|
Fig. 5. Notification about successful certificate registration
|
After having been bound to a user account, the certificate is added to the list of trusted devices.
Logging in with certificate in Mozilla Firefox
To access ELMA with a certificate, type in the address and name of ELMA server and connection port in your browser's address bar. In the authentication window, click in the bottom right corner (fig. 6). You will see a window for signing in with token or certificate. Click Sign in by certificate (fig. 7).
|
Fig. 6. Authentication window
|
|
Fig. 7. Sign in with certificate or token
|
Certificate confirmation window will open (fig. 8).
|
Fig. 8. Confirmation window
|
Select the required certificate and click OK.
The drop-down list contains all the certificates stored in the computer from which you are trying to log in. You will log into the system if you select the correct certificate.
Signing in with certificate in Internet Explorer
To sign in by certificate, type in the address and name of ELMA server and connection port in your browser's address bar. In the authentication window, click (fig. 6) in the bottom right corner. You will see a window for signing in with token or certificate. Click Sign in by certificate (fig. 7).
Fig. 9. Selecting a certificate to sign in to the system
Рис. 10. Окно авторизации в системе. Выбор криптопровайдера
Then, in the drop-down list select a certificate (fig. 9) and click Sign in.
|
Fig. 11. Certificate selection window
|
Possible errors when signing in by certificate
When you are signing in by a certificate, an error might appear in one of the following cases:
-
-
-
-
-
the certificate is not installed in your browser.
Error message example: This certificate is not bound to a user (fig. 12).
Unbinding a certificate from a user account
If you do not need to use the certificate any longer, you can unbind it.
For that, open the user profile and click edit on the right-hand side of the Trusted Devices section (fig. 13).
|
Fig. 13. User Profile. Edit option
|
You will see a list of all the user's trusted devices (fig. 14). Click on the icon next to the certificate that you wish to unlink.
|
Fig. 14. Page featuring user's trusted devices
|
A new dialogue box will open for you to confirm that you wish to delete the device from the list (fig 15). Click Yes to unbind the certificate.
|
Fig. 15. Confirmation dialogue box
|
Copyright © 2006–2019 ELMA