TOTPRadius - Web Server and LDAPS certificates
The admin panel allows uploading different types of certificates. Navigate to "Web Server and LDAPS certificates" from the left menu
Management interface
The management interface of TOTPRadius is web based and is recommended to be accessed via HTTPS protocol (although HTTP is also supported and can be enabled if needed). In addition to the admin panel functionality, the web server is used for server replication (if configured in master/slave mode) and REST Web API (used for web-based integrations such as Citrix StoreFront self-enrollment, WordPress and ADFS plugins). Therefore, it is recommended to generate and apply the proper web server certificate for these interfaces. The appliance comes with a dummy self-signed certificate that is recommended to be replaced with your own. You can use a public certificate or a certificate issued by your internal CA (if the internal CA trust has been added to all your clients).To update the web certificate files, you need to navigate to Admin Portal -> Web Certificate page and paste the content of the private key and the certificate itself into the corresponding text areas in the Admin panel web certificate section.
VPN Interface
A similar procedure is required for updating the certificate of the VPN Portal running on the same appliance but a different port (9443). As this is the interface facing public internet (via 1:Many NAT from 443 to 9443), a commercial web certificate might be needed. You can also place the VPN portal behind a CDN that can provide the SSL certificate as a part of the service (i.e. Cloudflare).
Click on "Update certificates" button to apply the changes. The web server will need to be restarted to complete the process.
LDAPS CA Certificate
The same page allows uploading your CA Root certificates if you decide to use LDAPS protocol to connect to your LDAP servers. You can also use the built-in tool to retrieve the certificate from your LDAPS server.About
Installation and configuration
- Installation and initial configuration
- Network configuration
- Migrating from older versions
- LDAP Configuration
- Azure AD Configuration
- Self-service enrollment portal
- Web and LDAPS Certificates
- Syslog configuration
- Single-factor authentication exceptions
- Slave appliance mode
- Dynamic RADIUS Attributes
Integration guides
Blog
15-05-2023
Azure AD Authentication methods policy migration
In an effort to enhance security and streamline administration, Microsoft introduced the Authentication methods policy for Azure AD. This policy allows administrators to manage the MFA and SSPR settings from a single location, simplifying the overall user experience. However, it's important to note that the migration process has a limitation when it comes to hardware OATH tokens.
05-05-2023
Molto2 Receives "Certified Product" Badge from Independent Third-Party Assessment by SySS GmbH
At our company, we believe in delivering safe and secure products to our customers. That's why we engaged SySS GmbH, an independent third-party security company, to conduct a thorough security assessment of our product, Molto2. We are proud to announce that Molto2 has passed this assessment with flying colors and has received a "Certified Product" badge from SySS GmbH.
21-04-2023
Introducing Token2 FIDO2 PIN+: The Security Key That Enforces Strong PIN Complexity
We are excited to announce the upcoming launch of our latest product variation, the Token2 FIDO2 PIN+. The PIN+ series is a new variation of our existing security keys that deviates from the FIDO2 standards to provide stronger PIN complexity enforcement.