The mydigipass module allows to easily integrate the MYDIGIPASS.COM service in a Drupal website. MYDIGIPASS.COM is an authentication service which uses two-factor authentication and relies on one-time passwords to protect access to your website.
By enabling this module on your website, your end-users can authenticate themselves using MYDIGIPASS.COM instead of using a static password. The module is flexible to allow for existing users to link their Drupal account with a MYDIGIPASS.COM account and for new users to register a new Drupal account and to link it immediately to their MYDIGIPASS.COM account.
This module does not rely on other modules. However, the webserver on which the Drupal website is hosted must be able to make connections to the MYDIGIPASS.COM service on the Internet. If you don't know whether your webserver can make such connections, a "Test connectivity" button has been foreseen in the module's administration pages which allow to check whether it is possible to make connections to MYDIGIPASS.COM or not. In order to connect to MYDIGIPASS.COM, the module uses the same functionality as used by Drupal to check for updates.
When using this module on a production website, it is strongly recommended that your website is reachable over https.
ENABLE STRICT SSL CERTIFICATE VALIDATION
The latest release of this module allows to configure strict SSL certificate validation, which is sometimes also called certificate pinning. The current SSL certificate is issued by GoDaddy. By enabling strict SSL certificate validation, this module will only communicate with a remote server if it presents a valid SSL certificate for mydigipass.com which has been issued by GoDaddy. This prevents a man-in-the-middle attack.
Follow these steps to enable strict SSL certificate validation:
- Download the latest GoDaddy Authority Certificates Repository from https://certs.godaddy.com/anonymous/repository.pki . The file you need is gd-class2-root.crt.
- Save the gd-class2-root.crt file somewhere on your webserver, for example in
- Go to the module's security settings admin page at
- Select "Enable server certificate validation." and enter the path to the CRT file you just downloaded. If you saved the file in
sites/all/libraries/then you should enter
sites/all/libraries/gd-class2-root.crtas the location of the Certificate Authority file.
- Click "Save configuration".