Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
393
Views
0
Helpful
3
Replies

CSS11500 Client Authentication

drex_72
Level 1
Level 1

‎09-07-2006 06:21 AM

We are trying to implement Client Authentication through our CSS11506. Some of our users use a different certificate to authenticate. I have the ssl-proxy-list configured correctly, but when I try to add a 2nd cacert, I get a message saying a certificate has already been configured (sorry I dont have the exact error message).

Unless I'm reading the documentation wrong, I thought you could have up to 4 certificates loaded. Or is that just for server authentication & not client?

We are using WebNS version 7.50.2.05.

Our ssl-proxy-list:

ssl-server 40

ssl-server 40 vip address x.x.x.x

ssl-server 40 rsacert serv_cert

ssl-server 40 rsakey serv_key

ssl-server 40 cipher rsa-with-rc4-128-md5 x.x.x.x 80 weight 5

ssl-server 40 urlrewrite 20 some.url.mil

ssl-server 40 cacert rootcert

ssl-server 40 authentication enable

Labels:
0 Helpful
3 Replies 3

drex_72
Level 1
Level 1
In response to p.krane

‎09-29-2006 08:25 AM

I'm afraid that document doesn't mention anything about client authentication.

0 Helpful

drex_72
Level 1
Level 1

‎10-03-2006 05:36 AM

Well I've gotten a step further. I can load multiple CACERTS into the content switch. However, it seems only the first CACERT I add is doing the authentication. If the client does not authenticate to the first cacert correctly, then it doesn't try the 2nd cacert. It just immediately fails.

0 Helpful
Customers Also Viewed These Support Documents