Describing Authentication Details
One SSO Provider (OSP) client-only authentication allows ArcSight capabilities to use an existing OSP (for example, from the Platform) for authentication.
Password-based authentication requires users to specify their User ID and Password when logging in. You can select built-in authentication or external authentication, such as SAML or LDAP.
Importing Certificates
Import Root CA certificates from the Platform (on premises or Cloud, for example, ESM or AWS) into the Fusion User Management TrustStore for mutual authentication.
To import and install a Root CA certificate:
- Export the certificate from your browser and copy it into the fusion-user-management pod:
  kubectl cp /opt/certificates/caroot.cer arcsight-installer-xxxx/fusion-user-management-xxxxxxxxx-xxxxx:/tmp -c fusion-user-management
- Open a terminal in the currently running pod:
  kubectl exec -it fusion-user-management-xxxxxxxxx-xxxxx -n arcsight-installer-xxxx -c fusion-user-management sh
- Change directory to where the keytool command is located:
  cd /usr/lib/jvm/zulu-8/bin
- Install the certificate:
  ./keytool -importcert -storepass "$KEYSTORE_PASSWORD" -destkeystore /usr/local/hercules/crt/mgmtTrustStore.bcfks -alias caroot -file /tmp/caroot.cer -storetype BCFKS -providerclass org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath /usr/lib/jvm/zulu-8/lib/ext/bc-fips-1.0.2.jar
- Restart the fusion-user-management pod.
If an installed certificate expires, its path changes, or a fresh one is generated, you must reimport it.
AA
- Export the certificate from your browser and copy it into the fusion-user-management pod:
  kubectl cp /opt/AACert.cer arcsight-installer-xxxx/saasum-fusion-user-management-xxxxxxxxx-xxxxx:/tmp -c saasum-fusion-user-management
- Open a terminal in the currently running pod:
  kubectl exec -it saasum-fusion-user-management-xxxxxxxxx-xxxxx -n arcsight-installer-xxxx -c saasum-fusion-user-management sh
- Change directory to where the keytool command is located:
  cd /usr/lib/jvm/zulu-8/bin
- Install the certificate:
  ./keytool -importcert -storepass "$KEYSTORE_PASSWORD" -destkeystore /usr/local/hercules/crt/mgmtTrustStore.bcfks -alias aas -file /tmp/AACert.cer -storetype BCFKS -providerclass org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider -providerpath /usr/lib/jvm/zulu-8/lib/ext/bc-fips-1.0.2.jar
- Restart the fusion-user-management pod.
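Before running either import procedure above, the exported file (caroot.cer or AACert.cer) can be checked on the workstation so that only a parseable, unexpired certificate with a known fingerprint enters the trust store. The following is an added example, not part of the product documentation; it assumes the openssl CLI is installed, and the function names and the 30-day default are illustrative.

```shell
#!/bin/sh
# Added example, not vendor code: checks to run on the workstation before
# copying a CA certificate (caroot.cer, AACert.cer) into the pod.
# Assumes the openssl CLI is installed; function names are illustrative.

# Print the -inform value (PEM or DER) that openssl accepts for the file.
cert_format() {
    for fmt in PEM DER; do
        if openssl x509 -in "$1" -inform "$fmt" -noout >/dev/null 2>&1; then
            echo "$fmt"
            return 0
        fi
    done
    return 1
}

# Return 0 if the file is an X.509 certificate valid for at least
# min_days more days (default 30), 1 if it expires sooner, 2 if unparseable.
cert_precheck() {
    cert=$1
    min_days=${2:-30}
    fmt=$(cert_format "$cert") || {
        echo "not an X.509 certificate: $cert" >&2
        return 2
    }
    # Show what is about to be trusted. Compare the SHA-256 fingerprint with
    # the value obtained from the CA owner over a separate channel.
    openssl x509 -in "$cert" -inform "$fmt" -noout \
        -subject -issuer -dates -fingerprint -sha256
    if ! openssl x509 -in "$cert" -inform "$fmt" -noout \
            -checkend "$((min_days * 86400))" >/dev/null; then
        echo "expires within $min_days days, plan a reimport: $cert" >&2
        return 1
    fi
}

# Stand-alone use: sh cert_precheck.sh /opt/certificates/caroot.cer 30
if [ "$#" -gt 0 ]; then
    cert_precheck "$@"
fi
```

A non-zero exit status means the file should not be imported as is: status 2 indicates the export did not produce a certificate, and status 1 indicates a certificate that will need to be reimported soon.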
SAML Authentication
For SAML authentication, see Configuring SAML Authentication.
LDAP Authentication
For LDAP authentication, see Configuring LDAP Authentication.