Stack Overflow
Stack Overflow

Questions tagged [ssl-client-authentication]

94 questions
15
votes
2 answers

AWS API Gateway MTLS client auth

Everytime I searched for Mutual Auth over SSL for AWS API Gateway I can only find MTLS between AWS API Gateway and Backend Services. But I'm looking to secure my AWS API Gateway endpoints itself with MTLS (client auth). For instance, I have a…
Shoaib Khan
  • 899
  • 14
  • 26
13
votes
2 answers

Read out incoming certificate in Tomcat

i use a tomcat http connector with client-authentification. If a client start a new connection to my server and sends his certificate, can i get the certificate and read the common name from the incoming certificate out in my java code. If yes,…
adihubba
  • 155
  • 1
  • 1
  • 8
10
votes
0 answers

Can Google Cloud Functions use HTTPS client authentication?

Can I use HTTPS client certificate authentication with HTTPS-triggered Google Cloud Functions? I stand-alone node.js, I would try something like this: var https = require('https'); var options = {requestCert: true, rejectUnauthorized: true};…
Drux
  • 11,992
  • 13
  • 66
  • 116
9
votes
0 answers

How to enable Client Certificate Authentication with Traefik & Kubernetes?

I've been using Traefik for automated https on Kubernetes cluster and it has been working great! Now, I actually want to disable the termination at the Traefik level and just let my backend handle https as well as client certificate authentication.…
Pii
  • 301
  • 4
  • 15
8
votes
2 answers

Can android sign a http/https call, to identify uniquely the app doing the request?

Say, CORS for apps. Well, not the same thing, but... Supposse I have uploaded an app to play store, and now I want my server to accept only connections from this app. How can I do it? What I would expect of the OS is is some process such as adding…
arivero
  • 777
  • 1
  • 9
  • 30
8
votes
1 answer

When do I need "Negotiate Client Certificate" to be set to Enabled?

I optionally want to support Client Certificates. That's why I set Client certificates to Accept on IIS. This works on most machines. However, on some machines IIS returns a 500. This can either be "solved" by setting Client certificates to Ignore…
Dunken
  • 8,481
  • 7
  • 54
  • 87
7
votes
1 answer

GCDAsyncSocket with Client Authentication

I have been using CocoaAsyncSocket to send data to our server without SSL. Now the server side has implemented SSL/TLS with client authentication. TO implement this in our app I was given the following three…
LoveMeSomeFood
  • 3,137
  • 7
  • 30
  • 53
5
votes
0 answers

How to fetch() with ssl client authentication?

Background: I am building a chrome extension that sends a simple http request and should be able to work with ssl client authentication. Goal: Send a fetch request to a site with ssl client authentication without user having to open the site…
jNull
  • 260
  • 2
  • 11
5
votes
0 answers

Connect to MySQL with Microsoft Power Bi Desktop over SSL

I have a MySLQ running on a CentOS server with SSL enabled and it require SSL in order to connect to the databases. I created the certificates and keys using OpenSSL, getting this…
JavierDM
  • 51
  • 3
5
votes
0 answers

spring cloud gateway forward client certificate

I am trying to use spring-cloud-gateway for a spring-boot based service that uses ssl with client-auth. The problem is, calling the service from a client over the api-gateway always fails with "certificate_unknown" (works fine without the gateway).…
Dashy
  • 61
  • 3
4
votes
1 answer

How to ignore signature hash algorithm requested by server during TLS1.2 handshake?

I have a C# application making a successful TCP TLS 1.0 connection with mutual authentication to another company's server. It is implemented using SslStream class. We are just one of many clients of this very large organisation. This TCP link above…
Puzzled
  • 213
  • 3
  • 12
3
votes
1 answer

Can an ELB enforce TLS authentication?

I am using AWS::ElasticLoadBalancingV2::LoadBalancer and we need to start using client certificates (i.e. mTLS / two-way TLS). Our ELB is terminating TLS connections and has a server side certificate. Can the ELB itself be configured to enforce…
sashoalm
  • 75,001
  • 122
  • 434
  • 781
3
votes
0 answers

RestTemplate HTTS & Choosing the Client Certificate

Can someone help me understand how to use HTTPS mutual authentication such that I can programmatically choose which client certificate to use during authentication? Here is the context of the question. I am using: A JKS containing multiple client…
Mark Maxey
  • 811
  • 1
  • 7
  • 9
3
votes
2 answers

Client certificate has different thumprint via ARR and AuthorizationContext

I am currently working on a prototype for a WCF service that will make use of client-certificate authentication. We would like to be able to directly publish our application to IIS, but also allow SSL offloading using IIS ARR (Application Request…
Erik
  • 134
  • 10
2
votes
1 answer

Has anything crucial changed regarding SSL in Tomcat between Tomcat 8 and Tomcat 9?

This is the situation summed up. The configuration below is identical in server.xml in Tomcat 8.5.8 and Tomcat 9.0.64. The JKS-file used is created by keytool in Java 8. Expected behaviour is that when using HTTPS in URL (mysite.org), NetID will…
Paul Bergström
  • 253
  • 1
  • 2
  • 14
1
2 3 4 5 6 7