IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  IVIA/ISVA User Certificate Authentication

    Posted 9 days ago
    Hi,
     
    Is it possible to selectively configure which trusted CAs are accepted during the TLS handshake?
     

    During testing, all client certificates issued by the trusted CAs stored in the Reverse Proxy keystore can be used to authenticate users.

    I'm working on a use case where the same root CA issues certificates for both the Reverse Proxy and VPN clients, causing the VPN client certificate to be presented to users as an authentication option.

    Thank you.


    ------------------------------
    Rudy Santos
    ------------------------------


  • 2.  RE: IVIA/ISVA User Certificate Authentication

    Posted 5 days ago

    If you can create two intermediate CAs under the same root CA and each intermediate CA issues cert for the Proxy and VPN clients respectively, that would solve the issue.



    ------------------------------
    Wai Choi
    ------------------------------

    Original Message


Related Content