The whole process of setting up a mobile service:
- Entering the relevant settings in the Mobile Service Control Centre.
- Import SSL certificate into EBA DMS (optional)
Setting up the mobile service
HTTP port – select the port number through which you want to access the service.
HTTPS port – if you want to access the service using a secure protocol with an SSL certificate, enter the port number. The HTTP value above is no longer taken into account.
Enable SSL – must be ticked if you want to enable SSL certificate and HTTPS connection.
SSL certificate – select the SSL certificate that was previously imported into the certificate store.
Use Let’s encrypt Certificate – tick if you want to use a Let’s encrypt certificate.
Root path: Enter if we want to use a subfolder in the domain, e.g. https://domenapodjetja/apps/ebadms – in this case enter /apps/ebadmsMobile
server: Enter here the IP or domain through which we want to access the mobile serviceDefault
language: Set the default language of the web client
Initial pool size: Specify how many requests for ancillary services (e.g. scriptworker) the service can useAdditional
pool size: Specify how many requests from the above bullet point should be additionally on standbyServer
name or address: Enter the IP or hostname of the server where the EBA DMS application services are installed
Access filters and 2FA authentication
Here you can set access restrictions by IP, allow access from external networks and enable two-factor authentication – after successfully entering the password, the user receives an additional PIN code on their email address, which they must enter to enter the EBA DMS web client.
In order to send PIN codes, it is necessary to have a properly configured messenger service with the sender’s address entered and the users’ e-mail addresses entered.
Set the filters by first clicking on “All” under “Connection name” in the left field, then click on “Add” in the right field.
A window will open for you to enter your options:
Description: Enter the description of the filterNetwork
: Enter IP addresses in the format x.x.x.x.x/xx, for access from all IP addresses enter 0.0.0.0/0. For the local network enter e.g. 192.168.1.0/16, which means access is allowed from all IPs starting with 192.168.1.x.
Type: Select the access type, External=external and internal=internalRequire
Tick to enable two-factor authentication
Import SSL certificate
After entering the settings, select the filter from the list and activate it with the “Enable” button.
After you have obtained the SSL certificate, store it in a suitable location on the server for import into the EBA DMS.
To import an SSL certificate into the EBA DMS, you need a web link (URL) to the Issuer’s Certificate Authority (CA) and to the Certificate Revocation List (CRL)
Some of these links can be found in our list
Go to Administration>Signing>CA. Click on the “Add from web” button.
Enter the appropriate links to the CA certificate and CRL address and click OK.
A new CA certificate appears in the list with details, now we can import our own SSL certificate.
Import the certificate into the certificate store.
Go to Administration>Credentials>Certificate Store.
Click Import Certificate and locate the SSL certificate you have obtained.
When importing, the program will ask you for the password of the certificate, the one you specified when checking out.
Enter the password, and then the program will ask you to assign a password for the certificate in the EBA DMS. Enter any password you like, but remember it as you will need it later.