Topic
2 replies Latest Post - ‏2013-08-16T15:45:34Z by swlinn
vrshah
vrshah
22 Posts
ACCEPTED ANSWER

Pinned topic Send Client CA List

‏2013-08-16T15:01:26Z |
We are facing one issue on a data power where in consumer is expecting CA list from data power box for the matching key at their end. 
 
The current setting - Send Client CA List is off and remaining consumers on that domain are happy with this setting.

We are using XI50; Firmware 4.0.2.5

I am wondering the impact of changing the parameter from off state to on state on existing consumers.
 
Appreciate any help!
 
Regards,
VRS
Updated on 2013-08-16T15:15:12Z at 2013-08-16T15:15:12Z by vrshah
  • SriniDp
    SriniDp
    44 Posts
    ACCEPTED ANSWER

    Re: Send Client CA List

    ‏2013-08-16T15:41:12Z  in response to vrshah

    Create a Sperate Crypto Objects to the client who is requesting you to send CA Certs, this wont impact other customers.

  • swlinn
    swlinn
    1330 Posts
    ACCEPTED ANSWER

    Re: Send Client CA List

    ‏2013-08-16T15:45:34Z  in response to vrshah

    I don't believe adding the CA list will impact existing clients, but it would be worth testing first.  Do you have a non-production test environment you could use?  I assume you're discussing a Front Side Handler's Reverse SSL Proxy Profile.  If so your other option would be to have them use a separate port from other clients so they would get a unique SSL configuration, but then that is more configuration for you to have to manage. 

    Regards,

    Steve