Suchen
SupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 15. Configuring applications for a single sign-on

download PDF

Single sign-on (SSO) is an authentication scheme which allows you to log into multiple systems through a single log-in procedure. You can configure browsers and email clients to use Kerberos tickets, SSL certifications, or tokens as a means of authenticating users.

The configuration of different applications may vary. This chapter shows how to configure SSO authentication schema for the Mozilla Thunderbird email client and Mozilla Firefox web browser as the examples.

15.1. Prerequisites

  • You have installed the following applications:

    • Mozilla Firefox version 88
    • Mozilla Thunderbird version 78

15.2. Configuring Firefox to use Kerberos for single sign-on

You can configure Firefox to use Kerberos for single sign-on (SSO) to intranet sites and other protected websites. To do so, you first have to configure Firefox to send Kerberos credentials to the appropriate Key Distribution Center (KDC).

Note

Even after Firefox is configured to pass Kerberos credentials, it still requires a valid Kerberos ticket to use. To generate a Kerberos ticket, use the kinit command and supply the user password for the user on the KDC. 

[jsmith@host ~] $ kinit
Password for jsmith@EXAMPLE.COM:

Procedure

  1. In the address bar of Firefox, type about:config to display the list of current configuration options.
  2. In the Filter field, type negotiate to restrict the list of options.
  3. Double-click the network.negotiate-auth.trusted-uris entry.

  4. Enter the name of the domain against which to authenticate, including the preceding period (.). If you want to add multiple domains, enter them in a comma separated list.

    Figure 15.1. Manual Firefox Configuration

    kerberos firefox

Additional resources

15.3. Viewing certificates in Firefox

The following example shows how to view certificates in the Mozilla Firefox.

To view certificates in Firefox, you need to open the Certificate Manager.

Procedure

  1. In Mozilla Firefox, open the Firefox menu and select Preferences.

    Firefox preferences

  2. In the left panel, select the Privacy & Security section.

    Privacy & security
  3. Scroll down to the Certificates section.

  4. Click View Certificates to open the Certificate Manager.

    firefox view certificates

15.4. Importing CA certificates in Firefox

The following example shows how to import certificates in the Mozilla Firefox.

Prerequisites

  • You have a CA certificate on your device.

To import a CA certificate:

Procedure

  1. Open Certificate Manager.

  2. Select the Authorities tab and click Import.

    Figure 15.2. Importing the CA Certificate in Firefox

    firefox import certificates
  3. Select the downloaded CA certificate from your device.

15.5. Editing certificate trust settings in Firefox

The following example shows how to edit certificate settings in the Mozilla Firefox.

Prerequisites

  1. You have successfully imported a certificate.

To set the certificate trust settings:

Procedure

  1. Open Certificate Manager.
  2. Under the Authorities tab, select the appropriate certificate and click Edit Trust.

  3. Edit the certificate trust settings.

    Figure 15.3. Editing the Certificate Trust Settings in Firefox

    firefox editing certificate

15.6. Importing personal certificate for authentication in Firefox

The following example shows how to import personal certificates for authentication in the Mozilla Firefox.

Prerequisites

  1. You have a personal certificate stored on your device.

To use a personal certificate for authentication:

Procedure

  1. Open Certificate Manager.

  2. Select the Your Certificates tab and click Import.

    Figure 15.4. Importing a Personal Certificate for Authentication in Firefox

    firefox import custom certificate
  3. Select the appropriate certificate from your computer.

15.7. Viewing certificates in Thunderbird

The following example shows how to view certificates in the Mozilla Thunderbird email client.

Procedure

  1. In Mozilla Thunderbird, open the main menu and select Preferences.

    Figure 15.5. Selecting preferences from menu

    Privacy & security

  2. In the left panel, select the Privacy & Security section.

    Figure 15.6. Selecting security section

    Privacy & security
  3. Scroll down to the Certificates section.

  4. Click Manage Certificates to open the Certificate Manager.

    Figure 15.7. Opening certificate manager

    Privacy & security

15.8. Importing certificates in Thunderbird

The following example shows how to import certificates in the Mozilla Thunderbird email client.

Prerequisites

  • You have a CA certificate stored on your device.

To import a CA certificate:

Procedure

  1. Open Certificate Manager.

  2. Select the Authorities tab and click Import.

    Figure 15.8. Importing the CA certificate in Thunderbird

    thunderbird import cert
  3. Select the downloaded CA certificate.

15.9. Editing certificate trust settings in Thunderbird

The following example shows how to edit certificate settings in the Mozilla Thunderbird email client.

Prerequisites

  • You have successfully imported a certificate.

To set the certificate trust relationships:

Procedure

  1. Open Certificate Manager.
  2. Under the Authorities tab, select the appropriate certificate and click Edit Trust.

  3. Edit the certificate trust settings.

    Figure 15.9. Editing the certificate trust settings in Thunderbird

    thunderbird edit cert

15.10. Importing personal certificate in Thunderbird

The following example shows how to import certificates for personal authentication in the Mozilla Thunderbird email client.

Prerequisites

  1. You have a personal certificate stored on your device.

To use a personal certificate for authentication:

Procedure

  1. Open Certificate Manager.

  2. Under the Your Certificates tab, click Import.

    Figure 15.10. Importing a personal certificate for authentication in Thunderbird

    thunderbird import custom cert
  3. Select the required certificate from your computer.
  4. Close the Certificate Manager.

  5. Open the main menu and select Account Settings.

    Figure 15.11. Selecting account settings from menu

    thunderbird account settings

  6. Select End-To-End Encryption in the left panel under your account email address.

    Selecting end-to-end encryption section.

    thunderbird end to end
  7. Under S/MIME section click the first Select button to choose your personal certificate to use for signing messages.

  8. Under S/MIME section click the second Select button to choose your personal certificate to encrypt and decrypt messages.

    Choosing certificate for signing and encryption/decryption.

    thunderbird select personal cert
Note

In case you forgot to import valid certificate, you can open Certificate Manager directly using the Manage S/MIME certificates.

Red Hat logoGithubRedditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

© 2024 Red Hat, Inc.