Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Users Asked to Choose SSL Certificate

    • Article Type: General
    • Product: MetaLib
    • Product Version: 3

    When accessing the MetaLib, users authenticated by IP are asked to choose an SSL certificate. How can we prevent this?

    The SSLVerifyClient parameter was slightly changed between Apache 1.3 and 2 ; instead of numbers 0-3 the following options are available:
    - none no client Certificate is required at all
    - optional the client may present a valid Certificate
    - require the client has to present a valid Certificate
    - optional_no_ca the client may present a valid Certificate but it is not required to have a valid CA

    This parameter exists in $httpd_bin/conf/ssl.conf, with the default value in the MetaLib application being "optional_no_ca" - the same as "3" in Apache 1.3 version.

    You can revise this parameter setting from "SSLVerifyClient optional_no_ca" value in the ssl.conf to "SSLVerifyClient none" and see if this solves the problem.

    • Article last edited: 10/8/2013