Skip to content

HTTPS Certificate Authentication

Post any question you may have in regards to GoAnywhere Services and let our talented support staff and other users assist you.
  • alfonso Offline
  • Posts: 2
  • Joined: Thu Nov 03, 2011 11:30 am

HTTPS Certificate Authentication

Post by alfonso »


I'm trying to force certificate authentication for a web user by doing the following:

- Create a self signed certificate
- Import the certificate into Tools > SSL Certificate Manager > Default Trusted Certificates
- Change setting in Security > Web Users > $USER > Authentication > HTTPS/AS2
---- Select Certificate
---- Copy and paste the SHA1 Fingerprint from the SSL Certificate Manager
- Export Private Key and Certificates from the SSL Certificate Manager
- Load the exported certificate into the browser
- Browse to the https://mygaserver/webclient

At his point I was expecting to be logged in but instead I got prompt for login and password.

I tried with:

Chrome 12.0.742.112 on Suse Linux 11
curl 7.19.0 (x86_64-suse-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8h zlib/1.2.3 libidn/1.10
Firefox 8 on RHEL 6.1
Java REST client (client certificate loaded in the local keystore)

but I never manage to bypass the login form.

I don't know if this makes any difference the the SSL certificate used in the server has a different CN than the server itself. Consequently I get a warning from the browser but nothing more.

Any help would be appreciated.