Use client authentication

The clientauth parameter determines if client authentication is enabled.

clientauth=<on|off|esmuserid>

Description

Include clientauth=on in the configuration file to specify that any client that attempts to connect using the SSL protocol handler must present its own client certificate.

Include clientauth=esmuserid to specify that clients must present a client certificate, and that the Gateway daemon will retrieve a user ID associated with the client certificate from the External Security Manager (ESM).

This parameter is in the SSL protocol parameters subsection of the GATEWAY section of the configuration file.

Default value

The default value is off.