Smart Card Authentication

If your organization uses smart cards for authenticating user logins, you can use the same for Securden authentication. If users have logged in to their machines using their smart cards, they will be allowed to access the Securden web interface too. During this process, the Securden web interface will display the available certificates and users will have to choose their certificates. Securden validates them against the already configured trusted CA root certificate.

To Enable Smart Card Authentication:

1. Navigate to Admin >> Authentication >> Smart Card Authentication..
2. Toggle the Enable Smart Card Authentication to on.
3. Select the CA root certificate. You can do this by selecting the Browse button and selecting the certificate.
4. Select the Identifier.
5. From the certificate, select the attributes to be retrieved into Securden.
6. To enable Smart Card Authentication for local users, check the box and add the attribute.
7. Likewise, to enable Smart Card Authentication for Active Directory Users, check the box and add the attribute.
8. Click on Save.

In the above step, you need to add the trusted CA root certificate and then tell Securden which part of the smart card certificate attribute uniquely identifies the user details in the product. You need to specify this mapping attribute detail separately for Local Authentication OR/AND Active Directory Authentication.

Note

1. Smart card authentication serves as the primary authentication mode in Securden. It is different from the various 2FA options, which serve as the second authentication mode.
2. If your certificate has been signed by an intermediate CA, you have to add the whole certificate chain into Securden. Otherwise, the Securden web interface can't be accessed.
3. If you are using Smart Card authentication in Securden, the CA certificates added for smart card authentication will be automatically available for certificate authentication too.
4. The settings will take effect only after restarting Securden PAM Service.