To ensure that the Access Review driver communicates securely with the Access Review server and the User Application, you can configure a TLS/SSL connection. The driver supports the following types of certificates for secure communication:
Self-signed public key certificate for the server
Trusted root certificate of the certificate authority (CA) used to sign the server’s public key certificate
To use a self-signed public key certificate, you need the iac-certtool utility. You can download the utility from the Access Review customer portal.
Log in to the Access Review server as an administrator.
Run the iac-certtool utility.
Specify the URL for the Access Review application or the User Application.
Select Get Certificate.
If the content of the certificate is correct, select Yes.
Copy the certificate content to a text file.
In Designer, run the configuration wizard for the Access Review driver.
In the Publisher configuration section, paste the certificate content in the certificate input field.
Complete the configuration, and then deploy the updated driver.
If your organization uses a public key certificate signed by a certificate authority, such as Verisign or Entrust, you must obtain the appropriate trusted root certificate that corresponds to the certificate authority. You can obtain the trusted root certificate from your organization or the certificate authority your organization used.
Acquire the trusted root certificate.
In Designer, run the configuration wizard for the Access Review driver.
In the Publisher configuration section, import the trusted root certificate.
Complete the configuration, and then deploy the updated driver.