Configuring PIV user authentication for IBM InfoSphere Data Replication

You can configure Personal Identity Verification (PIV) user authentication for AS and MC to enable certificate-based authentication using PIV cards or certificates stored in the Windows keystore.

Before you begin

Ensure that these prerequisites are met:
  • PIV user certificates are loaded in the Windows keystore.
  • Private keystores and truststores for both server and client are mutually trusted.
  • You have administrative access to install and configure AS and MC.
  • Windows 11 operating system.

About this task

PIV user authentication provides enhanced security by using X.509 certificates for user authentication instead of traditional username and password credentials. This configuration enables mutual TLS authentication between MC clients and AS.
Important: This feature requires PIV user certificates to be loaded in the Windows keystore and mutual trust between server and client keystores.

Procedure

  1. Install and configure Management Console for PIV authentication.
  2. Install and configure Access Server for PIV authentication.
  3. Log in to Access Server using the non-PIV administrator user.
  4. Configure PIV users in Access Manager.
  5. Log in with PIV user authentication.