Forum Discussion
Andy_4962
Nimbostratus
NimbostratusClient Certificate Request on demand
Hello group!
I can not seem to get a client cert request to appear to the end user a second time in a single session.
For authentication purposes, I want to allow the end...
Andy_4962Nimbostratus
NimbostratusAaron and all interested,
We have finally found a solution, though it is not with the BigIP. The client browser was in fact causing the problem. As the session remains between client and server, so does the certificate cache on the client. The browser would re-submit the first cert chosen, which in this case was an empty cert. Firefox has the option to enable a prompt at each cert request, but I could find no such option in any version of IE. Nothing I tried with the BigIP would clear this cache either. SSL renegotiate would request a new cert, but was under the mercy of the browser to comply.
The solution used can be reviewed here - http://forums.asp.net/p/1032469/2854577.aspx2854577 though it does seem limited to Internet Explorer. I've not yet tested this fix under other browsers. We do not currently support other browsers for our application.
Thanks again Aaron for the quick responses!
Andy
