Users Asked to Choose SSL Certificate
- Article Type: General
- Product: MetaLib
- Product Version: 3
When accessing the MetaLib, users authenticated by IP are asked to choose an SSL certificate. How can we prevent this?
The SSLVerifyClient parameter was slightly changed between Apache 1.3 and 2 ; instead of numbers 0-3 the following options are available:
- none no client Certificate is required at all
- optional the client may present a valid Certificate
- require the client has to present a valid Certificate
- optional_no_ca the client may present a valid Certificate but it is not required to have a valid CA
This parameter exists in $httpd_bin/conf/ssl.conf, with the default value in the MetaLib application being "optional_no_ca" - the same as "3" in Apache 1.3 version.
You can revise this parameter setting from "SSLVerifyClient optional_no_ca" value in the ssl.conf to "SSLVerifyClient none" and see if this solves the problem.
- Article last edited: 10/8/2013