IIS Implementation Guide

Guide to implementing Digi-Access™ on IIS
Descriptions of the Digi-Access™ invitations options
Digi-Access™ certificates are issued according to the Enrolment Policy. The first stage is the Inviting stage that is controlled by the End Entity Account Manager interface in Digi-CA™. There are three options:

Digi-Access™ Certificate Support

This is the main Digi-Access™ Help page for end users and provides all the support pages you require to own and use your Digi-Access™ two factor authentication certificates. For Administrator help and instructions, view the Digi-Access™ Administrator support section.

Step 3 - Issuing Digi-Access™ Certificates to the End Users

The Digi-CA™ Certificate Authority [CA] system (that issues the Digi-Access™ end user certificates) can issue thousands of certificates every hour.

Step 1 - Changing the Login Page to require Digi-Access™

Depending on how you decide to implement Digi-Access™ will dictate whether you need a new login page or not.

Step 2 - Configuring Digi-Access™ on the Server

The instructions below are for the two most popular servers (i.e. IIS and Apache). If you are using different web server software, use the online contact form for Support and they will supply the instructions for your server.

Allow 30 Minutes

Enabling Enabling Digi-Access™ Two Factor Authentication on IIS 5.x+ web server

To enable Client Certificate Authentication on IIS 5.x+ you will need to obtain Certification Authority [CA] Certificates, your own Digi-Access™ Client Certificate and setup a local user (or Active Directory Domain) account on a Windows Server that the IIS 5.x+ web server is installed and running on.

Digi-Access™ - Revoking an end user certificates

Allow
<1 Minute
 
     

Enabling Client Certificate Authentication on IIS 5.x+ web server

To enable Client Certificate Authentication on IIS 5.x+ you will need to obtain Certification Authority [CA] Certificates, your own Digi-Access™ Client Certificate and setup a local user (or Active Directory Domain) account on a Windows Server that the IIS 5.x+ web server is installed and running on.

2.1 Obtaining and installing the Digi-Access™ Certification Authority Certificates

Setting up a Client Certificate Mapping – Digi-Access™ User on IIS 5.x+

Once the Windows User Account (from section 3.1) is present, you may move to the final step of this document where you setup a Digi-Access™ user. Before you do this, make sure that you have the following items available:

Setting up Directory User Account

Log on as a Domain Administrator to the Windows Server where Windows Active Directory is installed on and the Windows server containing the Digi-Access™ facility is connected to and:

Go to Windows Administrative Tools.