Page tree

Do you want an overview on Nexus' solutions, customer cases, contact information and more?


Skip to end of metadata
Go to start of metadata

Nexus Hybrid Access Gateway is a software-based authentication and federation product used to enable secure access to digital services – no matter where those services or users are located.

The product supports many user-friendly two-factor authentication (2FA) methods and provides identity federation, enabling users to log on just once (Single-sign on) to reach all managed resources. Hybrid Access Gateway is interoperable with Nexus Personal, services for PKI cards and PKI mobile identity authentication. You can read more in the article Hybrid Access Gateway overview.

Search in Hybrid Access Gateway (use complete words or wildcard character * to search)



A Nexus Hybrid Access Gateway hotfix is available, now also for older browser versions, to avoid downtime and solve the full spectrum of problems due to the SameSite cookie directive change

For more information, see Important note on Hybrid Access Gateway and the SameSite cookie directive change.


Microsoft recommends administrators to do hardening on Active Directory Domain Controllers

Microsoft has released an article where they recommend administrators to enable LDAP channel binding and LDAP signing on Active Directory Domain Controllers because of a vulnerability found in the default configuration for Lightweight Directory Access Protocol (LDAP).

Microsoft will release a security update in March 2020 to change the default configuration of LDAP channel binding and LDAP signing. This article describes steps that can be done in the meantime:

After the configuration is changed (manually or by the update), you must enable to use SSL and upload the SSL certificate of the AD in Hybrid Access Gateway's CA certificate section. For instructions, see Add user storage and Add certificates ("Add certificate authority"). The SSL certificate must have the DNS name used as subject or SAN attribute in order to be valid. For more information, see Adapt Hybrid Access Gateway for endpoint identification.

See more news...

Recently updated