How to setup X.509 Certificate Authentication?
- Open your Browser. (Firefox, Chrome, Safari, or Internet Explorer)
- To make sure, your environment is set up properly, please first clear your browser cache.
- After you are logged in, on the Dashboard page.
- Go to https://secure.logmeonce.com/tfa or click on Smart Menu->Two-Factor Authentication.
- Download PKCS#12 certificate.
- It should ask you to enter a password to protect the PKCS#12 file. This password is used to protect your certificate and you will use this password in the future.
- After entering the password, click Download to download the X509 certificate.
- Install PKCS#12 certificate in your browser or system first.
How to Install X.509 Certificate on Firefox?
- For Firefox - Certificate is installed in your browser. On your Firefox, please go to the following path
Go to Tools -> Options -> Advanced -> Certificates -> View Certificates -> Then choose "Your Certificates" tab - and click Import.
How to Install X.509 Certificate on Chrome, Safari, and Internet Explorer?
- For Chrome, Safari, and Internet Explorer - Certificate is installed in your system
- Download certificate and just double-click - it will open "Certificate Import Wizard"
- Leave "Current User" as Store Location and click "Next"
- Click "Next" on the "File to Import" step
- Enter the password that you assigned to certificate in "Private key protected" step - then click "Next"
- In the "Certificate Store" step, leave "Automatically select the certificate store based on the type of certificate" checked - then click "Next"
- After clicking the "Finish" button you will see "The import was successful" message
- In case of any issues with the certificate installed in your system - make sure it is installed in "Certificate Manager" under Personal -> Certificates
For information on how to access "Certificate Manager": http://windows.microsoft.com/en-ie/windows-vista/view-or-manage-your-certificates
- If your certificate is not visible under Personal -> Certificates - try to install it again and manually select the "Personal" store in the "Certificate Store" step
How to Enable 2FA with X.509 Certificate?
- Select the “Enable X.509 Certificate Authentication for Two-Factor Authentication” option.
- Click on the “Save Changes” button.
- Then logout from the application and try to login again with valid credentials.
- During Login after typing username and password - it should ask you for a certificate. Please note that your browser may remember the selected certificate - and will not ask you to select the certificate until you restart the browser. But still, X.509 is processed during the login. If any issues, please restart your browser so your browser selects the certificate.
- Select the certificate and click on “OK” button. Note: The certificate selection screen may look different in each browser.
- The user should be able to log in.
- In case you still can't log in - the system will send you an email notification about Login Failed - you will be able to disable Two-Factor Authentication with that email.
If you are facing any issue during installation or authentication of the X509 certificate, please perform the following:
- Clear your browser cache
- Close all browser tabs/windows and restart your browser and try again to authenticate with the X509 certificate.
- You can always disable 2FA from Account Recovery (https://secure.logmeonce.com/recovery)