Tonny Andersson1709158460 Posted October 7 Posted October 7 I have setup an AAA-server with client certificate authentication similar to this: https://docs.netscaler.com/en-us/citrix-adc/current-release/aaa-tm/authentication-methods/citrix-adc-aaa-client-certificate-authentication-policy.html When I browse to the protected site, I select the correct client certificate and then I get this error: Error: Access is Denied. Client SSL Certificate Invalid. The certificate authentication seems to work because if I bind an LDAP-policy after the certificate policy and try with a wrong client cert, then it fails and moves on to the LDAP-policy. This does not happen with the correct client cert (I just get the above error in the browser). Also, if I bind the LDAP-policy at the top, then I get through to the web-site after authentication. Any input on this would be highly appreciated.
Kari Ruissalo Posted October 8 Posted October 8 If you try the authentication and run the the shell command during the attempt, what do you see: cat /tmp/aaad.debug Or then: tail -f /var/log/ns.log
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now