PureConnect

 View Only
Discussion Thread View
  • 1.  Single Sign On for Interaction Connect

    Posted 01-10-2019 05:42
    Hi all,
    I have set up Interaction Connect, and want to use the Single Sign On option. 

    When I click the Windows Authentication option on the Logon screen, it looks like the system goes as far as Authenticating with the Identity Provider, but then I am prompted to enter the servers username & password because "Your connection to this site is not private".

    Have any of you experienced this before?
    Can I use SSO with HTTP?

    Thanks in advance!
    Marian
    #Unsure/Other

    ------------------------------
    Marian O'Connell
    Wren Data Ltd.
    ------------------------------


  • 2.  RE: Single Sign On for Interaction Connect

    Posted 01-11-2019 02:08
    For SSO you must use HTTPS and must use a valid certificate (which means no certificate warings or red address bar). The certificate can be a local CA if the root certificate of the CA is known by your browser

    ------------------------------
    Andreas Tikart
    Fiebig GmbH
    ------------------------------



  • 3.  RE: Single Sign On for Interaction Connect

    Posted 01-11-2019 09:50
    Thanks for your help Andreas. 
    I'm having issues with setting up the certificate so I was hoping I could do this via HTTP via an Identity Provider, but it seems that I can't.

    For HTTPS I have created a self-signed certificate in IIS, but I'm still getting a "mismatched certificate" error when trying to run IC.
    Don't suppose you came across something similar during your setup?

    ------------------------------
    Marian O'Connell
    Wren Data Ltd.
    ------------------------------



  • 4.  RE: Single Sign On for Interaction Connect

    Posted 01-11-2019 09:55
    HI Marian,

    the Self Sign Cert is just for the inital website. You will need to also copy over I3 certs to the IIS Server to use when the IIS server redirects the connection to the CIC Server. I don't have access to my IIS server, but around the page it talks about self sign certs, it tells you what Cert from I3 you need to copy over.

    Thank you,
     Scott

    ------------------------------
    Scott Williams
    Missouri Higher Education Loan Authority
    ------------------------------



  • 5.  RE: Single Sign On for Interaction Connect

    Posted 01-11-2019 10:14
    You cannot use self signed certificates. You must use a CA. This can be a private CA. We are using the Microsoft CA included in Windows Server with no problems. Don't forget to import the root certificate of your private CA into you client. Internet Explorer and Chrome are using the Windows certificate store, so you can rollout the root CA within your Windows group policies.

    ------------------------------
    Andreas Tikart
    Fiebig GmbH
    ------------------------------



  • 6.  RE: Single Sign On for Interaction Connect

    Posted 01-25-2019 11:09
    Thanks for the replies on this. Been having a lot of issues with my self-signed cert (using self signed as it's just in test environment).
    Turns out self-signed certs don't have a SAN, which Chrome now checks for!
    So will be using Internet Explorer now to go on and get Windows Authentication up and running hopefully.

    ------------------------------
    Marian O'Connell
    Wren Data Ltd.
    ------------------------------



Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources