SSL mutual authentication and more httpcfg magic

I've been trying to get mutual authentication, where the client and service both have certificates, to work over SSL (specifically HTTPS) for a simple demo I'm doing at PDC. In an earlier entry, I mentioned httpcfg, the tool you use to configure the server-side certificate (amongst other things). Unfortunately, while the command line I provided in that entry works just fine for server-only authentication, it doesn't work for mutual authentication. If you try mutual authentication, the client will probably get the helpful '403, Forbidden' error from the HTTP layer. In order for mutual authentication to work, the flags parameter to httpcfg needs to be set to '2'. So the full command line needs to be something like:
 
   httpcfg set ssl -i 0.0.0.0:8088 -h abcdefabcdefabcdef -f 2
 
Hopefully this will save someone some time if they're having trouble getting mutual authentication over HTTPS to work.
 
Thanks to Hao Xu from the Indigo core messaging team for helping me track this down.
 
 

Posted Aug 30 2005, 07:16 AM by martin-gudgin
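
As an added example (not code from the original post), the Python sketch below decodes the `-f` value into the bit names that http.h defines for the HTTP Server API SSL flags, and validates the endpoint and certificate hash before assembling the `httpcfg set ssl` command. The function names and the sample thumbprint are constructed for illustration; the flag names come from http.h and do not appear in the post.

```python
import ipaddress
import re
from enum import IntFlag


class SslFlag(IntFlag):
    """HTTP_SERVICE_CONFIG_SSL_FLAG_* bit values as defined in http.h."""
    USE_DS_MAPPER = 0x1          # map client certificates to directory accounts
    NEGOTIATE_CLIENT_CERT = 0x2  # ask the client for a certificate (the post's '2')
    NO_RAW_FILTER = 0x4          # do not route the connection through raw filters


# Constructed sample value: a 40-hex-digit SHA-1 thumbprint, not a real certificate.
SAMPLE_THUMBPRINT = "00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33"


def decode_flags(value: int) -> list[str]:
    """Return the names of the bits set in an httpcfg -f value."""
    known = sum(f.value for f in SslFlag)
    if value < 0 or value & ~known:
        raise ValueError(f"unknown flag bits in {value:#x}")
    return [f.name for f in SslFlag if value & f.value]


def build_httpcfg_command(endpoint: str, thumbprint: str, flags: int) -> str:
    """Validate each argument and return the 'httpcfg set ssl' command line."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"endpoint must be IPv4:port, got {endpoint!r}")
    ipaddress.IPv4Address(host)  # raises ValueError for e.g. '0:0:0:0'
    # Thumbprints copied from the certificate dialog contain spaces; strip them.
    digest = thumbprint.replace(" ", "").lower()
    if not re.fullmatch(r"[0-9a-f]{40}", digest):
        raise ValueError("thumbprint must be 40 hex digits (SHA-1)")
    decode_flags(flags)  # reject values with undefined bits
    return f"httpcfg set ssl -i {host}:{int(port)} -h {digest} -f {flags}"


if __name__ == "__main__":
    print(decode_flags(2))
    print(build_httpcfg_command("0.0.0.0:8088", SAMPLE_THUMBPRINT, 2))
```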

Comments

ian wrote re: SSL mutual authentication and more httpcfg magic
on 08-31-2005 7:15 AM
It's always nice to have clear, obvious flags like '2' ;-)

Musings from Gudge wrote httpcfg flags
on 08-31-2005 1:45 PM
Mike Taulty's Weblog wrote WCF: Basic HTTP Profile with Mutual Certificate Authentication
on 12-13-2005 5:25 PM
Pedro Felix wrote Configuring http.sys server SSL certificate (and private key)
on 12-29-2005 11:58 AM
Having problems using transport layer security (SSL/TLS) with WCF (aka Indigo)?
Are you getting...
Musings from Gudge wrote httpcfg Flag Weirdness
on 05-16-2006 3:24 AM
