Enable integration via "ESIA login" section of the Portal Constructor and set the required parameters
- ESIA environment type. Both environment types require information system registration in the Ministry of Digital Development, Communications and Mass Media
- System mnemonics (identifier). Should be consistent with the one specified in the application for ESIA connection
- Access scope (scope). Should be consistent with ones specified in the application. At least a fullname should be specified for correct operation
- Key and certificate. Download PKCS#12 (.p12 or .pfx) container with the relevant key and the certificate specified in the application for ESIA connection
- PKCS#12 container password
Enable ESIA login in Common settings.
Whitelist the following domains on APB:
esia-portal1.test.gosuslugi.ru- for test environmentesia.gosuslugi.ru- for production environment
Whitelists are configured in /etc/eltex-apb/hosts.json.
[{"permitted-ip-list": [
"^esia-portal1\\.test\\.gosuslugi\\.ru$",
"^esia\\.gosuslugi\\.ru$",]
}]
Provide an opportunity for access points to resolve domain names. For this purpose:
- Configure DNS server that is accessible from AP management network
- Configure DNS server address sending to access points on DHCP
An access point should resolve the domains above correctly, while access to them (to the internet) is not necessary.
Provide access to ESIA servers from Captive Portal authorization server