Enable integration via "ESIA login" section of the Portal Constructor and set the required parameters
- ESIA environment type. Both environment types require information system registration in the Ministry of Digital Development, Communications and Mass Media
- System mnemonics (identifier). Should be consistent with the one specified in the application for ESIA connection
- Access scope (scope). Should be consistent with ones specified in the application. At least a fullname should be specified for correct operation
- Key and certificate. Download PKCS#12 (.p12 or .pfx) container with the relevant key and the certificate specified in the application for ESIA connection
- PKCS#12 container password
Enable ESIA login in Common settings.
Whitelist the following domains on APB:
esia-portal1.test.gosuslugi.ru
- for test environmentesia.gosuslugi.ru
- for production environment
Whitelists are configured in /etc/eltex-apb/hosts.json.
Блок кода | ||
---|---|---|
| ||
[{"permitted-ip-list": [ "^esia-portal1\\.test\\.gosuslugi\\.ru$", "^esia\\.gosuslugi\\.ru$",] }] |
Provide an opportunity for access points to resolve domain names. For this purpose:
- Configure DNS server that is accessible from AP management network
- Configure DNS server address sending to access points on DHCP
Информация |
---|
An access point should resolve the domains above correctly, while access to them (to the internet) is not necessary. |
Provide access to ESIA servers from Captive Portal authorization server