You can enable public key infrastructure (PKI) authentication
in the Rational® DOORS® client by using command-line
switches or a batch file.
About this task
If you use command-line switches to enable authentication,
use these command-line switches:
- -keyDB
- The full path and file name of the keystore in the client, such
as C:\certdb\client_authentication.kdb.
- -pkcs11driver
- The full path and file name of the card drive file, such as C:\Windows\System32\aetpkssw.dll.
This switch is specific to the pkcs#11 standard, which Rational DOORS uses for PKI authentication.
- -pkcs11token
- The smart card name, such as "Crescendo". This
switch is specific to the pkcs#11 standard, which Rational DOORS uses for PKI authentication.
- -certName
- The certificate on the smart card, such as "Crescendo:certOne".
In the pkcs#11 standard, the name of the certificate
must include the name of the card, in this case"Crescendo".
Procedure
Use one of these methods to enable authentication:
Results
After PKI authentication is enabled, your users must use
a smart card or a certificate in the client keystore to log on.
When
the Rational DOORS client starts, if the distinguished name
(DN) in the client certificate is associated with only one Rational DOORS user account, the user logs on automatically.
If the DN is associated with more than one user account, the "User
name" window is displayed, and the user must enter a user
name that is associated with the DN.
For security, the associated
user names are not displayed.