- Installing BankID Security Application in corporate environments
- Install package
- Installing, updating and uninstalling
- Automatic version control
- Communication between BankID Security Application and the BankID server
- Proxy settings
- Managing installed versions
- Card readers
- Windows Terminal Server, roaming profiles
Proxy settings
The BankID Security Application uses standard functions in the operating system to maintain a connection with the BankID server and the version control server. This means that any settings in for example Edge (in Windows) for proxy linking to the internet will be used. There is support for direct configured proxies and ”Proxy auto-config” (PAC) configurations, provided that they are done in Windows.
Important to test
If a connection to the internet is only done via a proxy that requires authentication, the program may not be able to communicate with the server. It is necessary to test with the proxy in place and make any needed adjustments to the proxy. The BankID program must be allowed to communicate through a proxy with the servers mentioned earlier. For example, an inspecting proxy must not break the https-link,
but let it through without interference.
If the program can’t communicate with the BankID server, a communication error message is displayed, message code 10023.
If the program can’t communicate with the version control server, a communication error message is displayed, message code 10006.
If there are proxy-settings in Windows, but the program can’t communicate with any of the servers, a message saying that the proxy settings may be wrong is displayed, message code 10034.
VPN connection
We have observed cases where users connected via VPN and making connection to a relying party service will face a problem if the client via DNS look-up gets the address of the company’s proxy server. Since this address is part of the signature it will contain a value that the relying party does not expect, causing the identification or signature to fail.