Certificate Authentication

You can use configure SSL client certificate authentication for Tenable.sc user account authentication. Tenable.sc supports:

  • SSL client certificates
  • smart cards
  • personal identity verification (PIV) cards
  • Common Access Cards (CAC)

Configuring certificate authentication is a multi-step process.

To fully configure SSL client certificate authentication for Tenable.sc user accounts:

  1. Configure Tenable.sc to allow SSL client certificate authentication, as described in Configure Tenable.sc to Allow SSL Client Certificate Authentication.
  2. Configure Tenable.sc to trust certificates from your CA, as described in Trust a Custom CA.
  3. Add TNS-authenticated user accounts for the users you want to authenticate via certificate, as described in Add a TNS-Authenticated User.
  4. (Optional) If you want to validate client certificates against a certificate revocation list (CRL), configure CRLs or OCSP in Tenable.sc, as described in Configure a CRL in Tenable.sc or Configure OCSP Validation in Tenable.sc.

What to do next: