Forum Discussion
NimbostratusClient authentication prompts (SSL profiles)
Hello all,
I was wondering if someone facing below issue when client authentication is implemented with SSL profiles. Every thing works fine after below prompts.
User certificate prompt appears 4 times in chrome, 2 times in IE and once in Firefox.
I am wondering if this has something to do with the browser behaviour ?
Regards,
Akhtar
achrichHi,
We currently have clientssl profile set to "require" - however I`ve tested it with "request" with similar results.
Problem is we have 2 certificates per users - one used for verification and one for email encryption.
Both of these come via the same CA which we advertise.
Its not a massive issue but I expect some noise as previous VPN client software was pre-set.
Thanks.
- Kevin_Stewart
Employee
I have a similar issue using the Edge Client software. When the user logs in the the certificate is requested twice.
Do you have client certificate request/require enabled in the client SSL profile, the APM On-Demand Cert Auth agent, or both?
Is their anyway to prefix the software to always use the relevant certificate ?
No, there's no way to tell the client which certificate to use. You can suggest which certificate to use, if there are multiple that can be used, by sending a CA "root hint" in the SSL handshake (apply a filtered CA bundle in the Advertised CA list of the client SSL profile).
- achrich
Hi,
I have a similar issue using the Edge Client software. When the user logs in the the certificate is requested twice.
Is their anyway to prefix the software to always use the relevant certificate ?
Akhtar_109015Hi Kevin,
Following is the client SSL profile config and irule applied to the virtual server. Will wait for your feedback on the cause of these repeated prompts.
Regards,
Akhtar
- Kevin_Stewart
Also how do you have client cert configured in the client SSL profile?
- Emad
Cirrostratus
what is the error warning in prompt. Also are u using self-signed certificate. ?
