Enabling two-factor authentication for SSMC

Enabling two-factor authentication for SSMC

Modify the following configuration file settings:

Procedure

Enable client certificate authentication.
1. Locate the jetty-ssl-context.xml file in the /opt/hpe/ssmc/ssmcbase/etc/ directory.
2. Open jetty-ssl-context.xml in a text editor.
3. Locate the Set name="WantClientAuth" line in the file, and then change the setting to true (defaults to false).
```
<Set name="WantClientAuth">
<Property name="jetty.sslContext.wantClientAuth" deprecated="jetty.ssl.wantClientAuth" default="true"/>
</Set>
```
  This setting causes SSMC to request a client certificate from the client (web browser) during TLS handshake (mTLS).
Enable two-factor processing.
1. Locate the ssmc.properties file in the /opt/hpe/ssmc/ssmcbase/resources/ directory.
2. Open ssmc.properties in a text editor.
3. Add the following line to the file:
  security.twofactor.enabled = true
  Enabling this setting enforces the use of two-factor authentication for users logging in from hosts that are remote to the SSMC host.