- This line was added.
- This line was removed.
- Formatting was changed.
This article describes how to set up certificate-based login to Nexus Smart ID Identity Manager (PRIME).
A working HTTPS configuration with client authentication on the Tomcat is required. See Configure https for Tomcat.
The first step is to set up an authentication profile in the PRIME Designer:
When a user logs in to PRIME with a certificate, the PRIME server does a validation of the corresponding certificate revocation lists (CRLs). To check the certificate chain of the CRL Signing CA, there is a separate truststore configured on the PRIME server.
To configure the path to the truststore
To access the PRIME components, use the following links: