28.2 Enabling Client Authentication

By default, client authentication is disabled in Transformation Hub. To enable client authentication after installation, perform the following:

  1. Replace the default CA with a new CDF root CA. For more information, see Changing the CDF Certificate Authority.

  2. Log in to CDF Management Portal.

  3. Click Deployment > Deployments.

  4. Click of arcsight-installer, then click Uninstall to uninstall all the software.

  5. Click of arcsight-installer, then click Install to reinstall Identity Intelligence and all the software.

  6. Select the metadata file version in version and click Next.

  7. Read the license agreement and select I agree.

  8. Click Next.

  9. In the Capabilities page, select the following and click Next:

    • Transformation Hub

    • Identity Intelligence

    • Analytics. Prerequisite for ArcSight Investigate and Identity Intelligence.

  10. Specify the values you provided during installation:

    1. In the Transformation Hub configuration page, enable Enable Connection to Kafka uses TLS Client Authentication.

      Ensure that you provide the appropriate values for other configuration fields. For more information, see the Transformation Hub Tuning section in the Hardware Requirements and Tuning Guidelines.

    2. In the Analytics configuration page:

      • Specify Vertica connection details

      • Specify values for Client ID and Client Secret for Single Sign-On

    For more information about the values, see Installing Identity Intelligence.

  11. Click Next until you reach the Configuration Complete page.

  12. Restart the ITOM-DI pods manually after all the pods are displayed in green in the Configuration Complete page:

    1. Get the name of all ITOM-DI pods:

      kubectl get pods --all-namespaces | grep itom-d

    2. Restart all the pods individually by executing the command:

      kubectl delete pod -n <namespace> <ITOM-DI pod name>

  13. Ensure to configure mutual authentication SSL in all the following components:

    Component

    See

    Vertica

    Configuring SSL for Vertica

    Identity Governance

    Configuring SSL between Identity Governance and Transformation Hub

    Identity Manager Driver for Entity Data Model

    Creating and Configuring the Driver.

    SmartConnector

    Installing SmartConnector