HP e-Commerce / XML director server appliance sa8250 - Users Guide
C H A P T E R 5 SSL Commands
213
config policygroup
service key client-ca
Displays, deletes, exports, or imports a client certificate.
config policygroup <policy-name> service
<service-name> key client-ca [delete | export
| import | info]
where:
•
policy-name is the name of a policy group
•
service-name is the name of a service
•
delete deletes a client certificate
•
export exports a client certificate
•
import imports a client certificate
•
info displays the client certificate information
Note: Client certificates are actually loaded in the browser.
Certificates from the Certificate Authority (CA) that issued the
client certificates are loaded in the SA8250.
config policygroup
service key client-ca
header-certificate
Adds a PEM-encoded client certificate to the HTTP header of
requests sent to the servers.
config policygroup <policy-name> service
<service-name> key client-ca
header-certificate [disable | enable]
where:
•
policy-name is the name of a policy group
•
service-name is the name of a service
•
disable (the default) disables the client certificate in the
HTTP header
•
enable enables the client certificate in the HTTP header
Note: With
header-certificate enabled, and using Internet
Explorer* with a non-trusted CA (for example, a broker-generated
or Microsoft IIS) server- generated server certificate, the client
certificate may not pass through on the first request. Pass-through
behaves correctly if the server certificate is obtained from a
recognized Certificate Authority such as Verisign*.
Command Description
SSL Commands (continued)