If needed, the LoadMaster can be configured to grant WUI/API access using client certificate authentication. There are two methods of client certificate WUI authentication:

  • Using Common Access Card (CAC) authentication. This works for both WUI and API access.

  • Using a local certificate which was generated in the LoadMaster WUI for a particular user.

    Note: You can allow local users to log in even if the client certificate has been deleted from the LoadMaster by enabling the Allow Client Certificate Login Without Locally Installed User Certificate option (under Certificates & Security > Remote Access > Administrator Access). By default, this option is disabled. Legacy local certificate login is not secure. Only enable this option if necessary. When enabling this option, a confirmation warning appears. Click OK to confirm.

For instructions on how to configure CAC WUI authentication, refer to the DoD Common Access Card Authentication, Feature Description.

For instructions on how to generate local certificates and use them for API authentication, refer to the sections below.

Note: Certificate-based authentication will be deprecated at some point in the future.