2018 September Release

Configure the Certificate Log-in for a Fabasoft Cloud OrganizationPermanent link for this heading

To allow members of your organization to log in with certificates, the following requirements must be met:

  • All certificates as files (CER files in PEM format) from the certification path to the root certificate of your organization.
    In the example below, the certificate “Fabasoft AG” is the root certificate of the organization and the certificate “Fabasoft CA” is the only other required certificate from the certification path.
  • URLs to the Certificate Revocation Lists (CRLs).

Configure the Cloud OrganizationPermanent link for this heading

In order that members of your organization can log in via a client certificate, all certificate authorities that are allowed to issue client certificates for your organization, have to be stored in the corresponding field as CER files in PEM format.

Additionally, you have to store the superordinate root and intermediate certificate authorities for the issuing certificate authorities in the corresponding field as CER files in PEM format. Provide for each root, intermediate and issuing certificate authority the corresponding certificate revocation list URLs. You can define whether a two-factor authentication is necessary when using the certificate log-in.

The CN of the certificates and the DN of the issuer must not contain special characters.

To complete the certificate configuration for your organization, you have to add the common name of the corresponding client certificates to the members (see next chapter).

Note: You can also define certificate settings for external organizations. This way you can provide a client certificate log-in for your external members, too.

To configure your cloud organization, proceed as follows:

  1. Navigate in your organization, open the “Advanced Settings” widget and click the “Define Certificate Settings” action.
  2. Import the certificates authorities and enter the certificate revocation list URLs.
  3. Click “Save”.

Assign Common Names for the User CertificatesPermanent link for this heading

To complete the configuration of the log-in with certificates for your organization, you have to register the common name of the user certificates for all members of your organization.

To assign a common name to a user, proceed as follows:

  1. Navigate in the desired member and click the “Properties” action.
  2. On the “Account” tab, enter the Common Name (CN).
  3. Click “Next” to save the changes.

Note: You may open the user certificate with certmgr.msc on a Microsoft Windows system. The common name can be found in the Subject field.

Use Certificates on an iOS DevicePermanent link for this heading

In order to use the certificate in Safari on your iPhone or iPad you have to install the certificate via a profile on your device. You may use Apple’s “iPhone Configuration Utility” to install configuration profiles with the certificate of the user on your device.

If you want to use the certificate to log in with the Fabasoft Cloud App, you have to upload the certificate as PKCS #12 file to the Fabasoft Cloud App documents on the iOS device.

To export the certificate file by using e.g. the certmgr.msc utility on a Microsoft Windows system, proceed as follows:

  1. Navigate to the certificate.
  2. On the context menu of the certificate, click “All Tasks” > “Export”.
  3. Include the private key.
  4. Select the PKCS #12 file format.
  5. Enter a password to protect the private key.
  6. Define the file name.

To upload the certificate to the Fabasoft Cloud App, proceed as follows:

  1. Connect your device to your PC and start iTunes.
  2. Select your device in iTunes and click “File Sharing” in the left area.
  3. In the “Apps” section, click “Fabasoft Cloud”. Drag the previously created certificate file on the Fabasoft Cloud documents list.
  4. Start the Fabasoft Cloud app on your iOS device. The “Import Certificate” dialog is shown. Enter the password you have chosen during export and press the “Open” button. Confirm the import by pressing the “Import” button.
  5. Now you can use the certificate on the log-in dialog of the Fabasoft Cloud.

Note: Alternatively, certificates can be uploaded to Teamrooms in the Fabasoft Cloud. To install a certificate, the respective user must navigate to the certificate and press the “Import Certificate” action. This way, administrators can conveniently provide certificates for all organization members.