I am configuring an ASA5520, which is acting as a Certificate server.
The CA server is enabled and I have issued some client certificates.
I have enabled the following commands:
ssl certificate-authentication interface outside port 443
When I login on the outside I am presented with a request for selecting a client certificate.
When I select this certificate I have access to the web-page of the ASA.
So far OK!
However, when I start a new session and
hit escape on the keyboard when the ASA requests a client certificate, I also get access?!?!?!?!
It bypasses the authentication!
When I enable this on the inside interface (just for testing):
ssl cert-auth int inside port 443
In that case, when I hit escpae, I get a 401 unauthorized message.
This should also be true on the outside.
Can anyone tell me what I am doing wrong?