Secure an External Database Connection
Secure the Gateway Connection
Follow the directions below to modify the settings of your Entrust Identity as a Service Gateway to log in over Secure Shell (SSH). For more information, refer to Enable SSH on an Enterprise Service Gateway.
- Open the Identity as a Service Gateway web interface or application.
- For Gateways 5.4.1 or earlier:
- Enter the following into the command prompt:
Enter the following into the command prompt:
sudo systemctl start sshd
sudo systemctl enable sshd
- For Gateways 5.5 or later:
- Click Services.
- Select SSH Service.
- Click Enable.
- Click Start.
The connection between Identity as a Service Gateway and the external database is now secure.
Secure the Connection to the Database
Note: Using a secure connection between Instant ID as a Service and an external database requires installing the database software and OpenSSL before configuring the connection. Please refer to the documentation for your database to generate required certificates and to configure the database for SSL.
- Generate the required Certificate Authority (CA), wallet, and/or server certificate for the database.
- Configure the database for SSL. For more information, consult your Oracle, MySQL, SQL Server, or PostgreSQL documentation.
- Restart the database.
- Import the certificates generated in Step 1 into the Entrust Identity as a Service Gateway.
- Add the external database in Instant ID as a Service. For more information, refer to Enable and Configure an External Database for Enrollments.
- Select the checkbox beside Use SSL? on the Add External Database dialog box.
- Upload the certificate created in Step 1 above.
- Click Add.