Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 5. Accessing the IdM Web UI in a web browser

Manage Identity Management (IdM) through a graphical interface by accessing the IdM Web UI. You can use a supported web browser to perform administrative tasks, configure user accounts, and manage security settings as an alternative to the command-line interface.

You can access the IdM Web UI as:

IdM users
A limited set of operations depending on permissions granted to the user in the IdM server. Basically, active IdM users can log in to the IdM server and configure their own account. They cannot change settings of other users or the IdM server settings.
Administrators
Full access rights to the IdM server.
Active Directory users
A set of operations depending on permissions granted to the user. Active Directory users can now be administrators for Identity Management. For details, see Enabling AD users to administer IdM.

5.1. Prerequisites
Copier lien

  • A supported web browser (Mozilla Firefox 38 and later or Google Chrome 46 and later).
  • The DNS name or IP address of the IdM server.

5.2. Configuring web browsers for smart card authentication
Copier lien

Enable Post-Handshake Authentication (PHA) so you can use the smart card access to the Identity Management (IdM) Web UI. Modern browsers often use security protocols that conflict with client-certificate authentication. By adjusting these settings, you ensure that the browser can correctly present smart card credentials to the IdM server.

Procedure

  1. If you experience problems accessing the IdM Web UI with a smart card, check the logs to see if your browser attempts to use TLS v1.3. The output might look similar to the following: 

    [ssl:error] [pid 125757:tid 140436077168384] [client 999.999.999.999:99999] AH: verify client post handshake
[ssl:error] [pid 125757:tid 140436077168384] [client 999.999.999.999:99999] AH10158: cannot perform post-handshake authentication
[ssl:error] [pid 125757:tid 140436077168384] SSL Library Error: error:14268117:SSL routines:SSL_verify_client_post_handshake:extension not received
    Copy to Clipboard Toggle word wrap

  2. Configure your specific browser to resolve the conflict:

    • For Mozilla Firefox 68 and later, enable TLS PHA:

      1. Enter about:config in the address bar to access the Mozilla Firefox preferences menu.
      2. Enter security.tls.enable_post_handshake_auth in the search bar.
      3. Click the toggle button to set the parameter to true.

    • For Chrome, which currently does not support PHA, disable TLS v1.3:

      1. Open the /etc/httpd/conf.d/ssl.conf configuration file.

      2. Add -TLSv1.3 to the SSLProtocol option: 

        SSLProtocol all -TLSv1 -TLSv1.1 -TLSv1.3
        Copy to Clipboard Toggle word wrap

  3. Restart the httpd service: 

    service httpd restart
    Copy to Clipboard Toggle word wrap

    Note that IdM manages the ssl.conf file and might overwrite its contents during package updates. Verify custom settings after updating IdM packages.

5.3. Accessing the Web UI
Copier lien

Log in to the Identity Management (IdM) Web UI for the first time to begin administrative configuration.

After the first login you can configure your IdM server to authenticate with:

Procedure

  1. Type an IdM server URL into the browser address bar. The name will look similarly to the following example: 

    https://server.example.com
    Copy to Clipboard Toggle word wrap

    You just need to change server.example.com with a DNS name of your IdM server.

    This opens the IdM Web UI login screen in your browser.

    Screenshot of the IdM Web UI accessed within a web browser displaying a "Username" field and a "Password" field. There is a blue "Log in" button below and to the right of those two fields.

    • If the server does not respond or the login screen does not open, check the DNS settings on the IdM server to which you are connecting.

    • If you use a self-signed certificate, the browser issues a warning. Check the certificate and accept the security exception to proceed with the login.

      To avoid security exceptions, install a certificate signed by a certificate authority.

  2. On the Web UI login screen, enter the administrator account credentials you added during the IdM server installation.

    For details, see Installing an Identity Management server: With integrated DNS, with an integrated CA.

    You can enter your personal account credentials as well if they are already entered in the IdM server.

    A Screenshot of the IdM Web UI with the "Username" field filled in with "admin" and the "Password" field displays several black circles obfuscating the password by replacing the characters tat were typed in.

  3. Click Log in.

    After the successful login, you can start configuring the IdM server.

Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2026 Red Hat