This is a discussion on Client Authentication: certificate selection (based on key usage) - modssl ; Hello All, I have a question about the selection of the client certificate, for client authentication. We use apache 1.3 together with mod_ssl. SSLVerifyClient is set to: required. Normally when a user connects to the website the prompt for certificate ...
Hello All,
I have a question about the selection of the client certificate, for client
authentication.
We use apache 1.3 together with mod_ssl.
SSLVerifyClient is set to: required.
Normally when a user connects to the website the prompt for certificate
selection is displayed.
In the prompt only certificates with the key usage signing are displayed.
For one particular (Win2K+IE) user the prompt shows all available
certificates, so no filtering for key usage of the certificate takes place.
Any suggestions what is causing this?
This only happens at 1 of the total 30 users.
So there must be a client site factor involved, but I have no idea how to
configure this in for example IE.
Thank in advance.
Gr Sven
