[midPoint] MidPoint Feedback - For Future Release
Lagger, Scott
slagger at uic.edu
Mon Oct 30 15:22:07 CET 2023
Hi,
I have been working in my lab environment on a MidPoint 4.7 to MS Graph API connector. Currently, MidPoint discourages running the application on port 443 utilizing a Corp Wild Card cert. This mitigates against policy to run web servers (even internally) on TLS 1.2 or 1.3 even internally. Please consider a support paradigm for a MidPoint prod instance running on SSL port 443. Running this as root is a security risk in the documentation. Consider running the initial auth against a service account with appropriate permissions to secure the session. Then, the midpoint user would pick up from there and run the application.
Thanks,
Scott A Lagger, MS Cybersecurity, HCISPP, ITILv4
Associate Director, Identity and Access Management
Technology Solutions
University of Illinois Chicago
E: slagger at uic.edu
P: 312-413-3128
728 W Roosevelt St, RRB 2nd Floor, Chicago, IL 60607
it.uic.edu<https://it.uic.edu/>
Visit the UIC Help Center at help.uic.edu<http://help.uic.edu/> to find IT Services, Answers, and Support!