439
edits
PSM:CertPrompt: Difference between revisions
Jump to navigation
Jump to search
→Client Authentication Scenarios
| Line 65: | Line 65: | ||
This scenario typically happens if either 1) the user lets his certificate laps, or 2) in the renewal case. In PSM only unexpired certificates that match the CA are used in the 'Select automatically' case. If there are no unexpired certificates, PSM sends no certificates. In the 'Ask every' case expired certificates are listed at the end and marked expired. IE lists all certificates, expired or not. | This scenario typically happens if either 1) the user lets his certificate laps, or 2) in the renewal case. In PSM only unexpired certificates that match the CA are used in the 'Select automatically' case. If there are no unexpired certificates, PSM sends no certificates. In the 'Ask every' case expired certificates are listed at the end and marked expired. IE lists all certificates, expired or not. | ||
'''Multiple certificates, none match''': The client has multiple certificates, but none match the server list. This can be because 1) the client has never been registered with the server and cannot authenticate to the it, or 2) the server does not include a complete list of CA in it's CA list, or the CA list is incorrectly configured. | '''Multiple certificates, none match''': The client has multiple certificates, but none match the server list. This can be because 1) the client has never been registered with the server and cannot authenticate to the it, or 2) the server does not include a complete list of CA in it's CA list, or the CA list is incorrectly configured. This case can happen in a bridged environment. | ||
PSM treates the same as "Client Authentication with no Certificates". | PSM treates the same as "Client Authentication with no Certificates". | ||