Disabling the Certificate SSL ID cache

Edit online

About this task

The Certificate SSL ID cache is used only with delayed certificate authentication or authentication strength step-up to certificate authentication.

The cache is disabled automatically, based on the configuration settings for certificate authentication.

Procedure

To verify that the cache is disabled, examine the value for accept-client-certs in the [certificate] stanza. Verify that the value is one of the following:
  • required
  • optional
  • never

Verify that the value is not prompt_as_needed.