Prerequisites: You have the public certificate of your token provider and know the value for the Token issuer “iss” property (provided by the Developer/Integrator during Certificate Trust Mapping configuration). A CloudAuthenticationScheme has been installed.
- Expand and double-click CertManagerService.
The Certificate Management for “localhost” opens.
- Select the User Trust Store tab and click Import.
The Certificate Import window opens.
- Browse to the location of your token provider's public certificate file, select the file and click Open.
- Enter an alias for the certificate and click OK.
- In the Nav tree, expand the CloudAuthenticationScheme component (added in the previous topic).
- From the nCloudDriver palette, drag a CertTrustMapping component to the Trust Manager node under the CloudAuthenticationScheme.
- Right-click the new CertTrustMapping component and select .
The Cert Trust Mapping Property Sheet opens.
- In the App Id property, enter the Honeywell Forge application ID. This value is required.
- In the Expected Jwt Issuer property, enter the value of the token issuer “iss”. This is typically the URL of the user identity provider.
- In the Expected Jwt Audience property, enter the value of the token audience “aud”. By default, this is “Cloud Driver”, but may be changed to match the value present in the JWT for those providers that do not have a fully configurable audience property. For example, Salesforce prepends the Salesforce application ID (not to be confused with the Honeywell Forge application ID) onto the audience.
- In the Certificate Alias property, expand the drop-down and select the alias of the certificate that was imported above.
- Save the CertTrustMapping component configuration.
Certificate trust mapping is now available and the station is configured to receive commands.
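A pre-flight check for the Expected Jwt Issuer and Expected Jwt Audience values, as an added example that is not part of the product or of the original documentation: it reads the “iss” and “aud” claims from a sample token issued by your provider and compares them with the values you plan to enter. The function names, the sample issuer URL, the prefixed audience string and the exact-match comparison are assumptions of this example; it does not verify the signature, which remains the job of the certificate selected in Certificate Alias.

```python
import base64
import json


def _b64url(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def read_claims(token):
    """Return the payload claims of a compact JWT; the signature is NOT verified."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def check_mapping(token, expected_issuer, expected_audience):
    """List mismatches between a sample token and the planned property values.
    Exact string comparison is an assumption of this example."""
    claims = read_claims(token)
    problems = []
    if claims.get("iss") != expected_issuer:
        problems.append(f"iss is {claims.get('iss')!r}, not {expected_issuer!r}")
    aud = claims.get("aud")
    # RFC 7519 allows "aud" to be a single string or an array of strings.
    audiences = [aud] if isinstance(aud, str) else aud if isinstance(aud, list) else []
    if expected_audience not in audiences:
        problems.append(f"aud is {audiences!r}, not {expected_audience!r}")
    return problems


def make_sample_token(claims):
    # Constructed sample input: a placeholder token with a dummy signature.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


if __name__ == "__main__":
    # Constructed claims: a provider that prefixes its own application ID to "aud".
    sample = make_sample_token({"iss": "https://idp.example.com", "aud": "app123Cloud Driver"})
    for line in check_mapping(sample, "https://idp.example.com", "Cloud Driver") or ["iss and aud match"]:
        print(line)
```

A mismatch reported for “aud” shows the string the provider actually emits, which is the value to compare against Expected Jwt Audience.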