Security Settings

Security settings for internal and external communication between different nodes of LogLogic LMI are stored in the /loglogic/conf/llsecurity.conf file.

To configure any of these settings, you must connect to the appliance by using SSH and edit the file. After making any changes to these parameters, you must restart the LogLogic LMI application by running the following commands:
  1. $ mtask stop
  2. $ mtask start
The following parameters are configured in this file:

Two-factor authentication

For enhanced security, LogLogic LMI provides two-factor authentication. By default, two-factor authentication is disabled. However, you can enable this feature.

Prerequisites

Before enabling two-factor authentication, ensure that:

  • SSL certificates have been issued to all users.
  • The Distinguished Name (DN) in the user's SSL certificate matches the user name in LogLogic LMI.
  • Users have imported the SSL certificates in the browser to access LogLogic LMI.

    If a user removes or deletes a certificate from the browser, the browser cache must be cleared and the browser restarted.

To enable two-factor authentication, configure the following parameters in the /loglogic/conf/llsecurity.conf file:

Parameter Default Value Description
CLIENT_AUTH_ENABLED false (disabled) Enables or disables client authentication.
CA_CERT_FILE_PATH (empty) Path to the extra client CA certificate file.

For example, /loglogic/conf/<CA_CERT_FILE>

Applicable only if two-factor authentication is enabled.