Closed
Description
x509 certificate authentication option 'wantClientAuth'
Request Type
Feature Request
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | CentOS 7 |
| OS version (client) | Windows 7 |
| TheHive version | 3.1.0-RC1 |
| Package Type | RPM |
| Browser type & version | If applicable |
Problem Description
Unable to connect to Hive instance if certificate authentication is enabled but a client certificate isn't provided.
auth.method.pki = true sets the 'needClientAuth' option which means the server will fail and terminate the session if a client certificate isn't provided.
At the current state, it is not possible to use other authentication options with certificate authentication enabled.
Steps to Reproduce
- Enable auth.method.pki
- Open the site in browser without a client certificate installed
Possible Solutions
Implement configuration options to enable 'wantClientAuth'. This means, the server will request a client certificate, but won't fail if one isn't provided.
Complementary information
Thank you for making this work in the first place :)