You can enable public key infrastructure (PKI) authentication in the Rational® DOORS® client by using command-line switches or a batch file.
About this task
If you use command-line switches to enable authentication, use these command-line switches:
- -keyDB
- The full path and file name of the keystore in the client, such as C:\certdb\client_authentication.kdb.
- -pkcs11driver
- The full path and file name of the card drive file, such as C:\Windows\System32\aetpkssw.dll. This switch is specific to the pkcs#11 standard, which Rational DOORS uses for PKI authentication.
- -pkcs11token
- The smart card name, such as "Crescendo". This switch is specific to the pkcs#11 standard, which Rational DOORS uses for PKI authentication.
- -certName
- The certificate on the smart card, such as "Crescendo:certOne". In the pkcs#11 standard, the name of the certificate must include the name of the card, in this case"Crescendo".
Procedure
Use one of these methods to enable authentication:
Results
After PKI authentication is enabled, your users must use a smart card or a certificate in the client keystore to log on.
When the Rational DOORS client starts, if the distinguished name (DN) in the client certificate is associated with only one Rational DOORS user account, the user logs on automatically. If the DN is associated with more than one user account, the "User name" window is displayed, and the user must enter a user name that is associated with the DN.
For security, the associated user names are not displayed.