You can configure X.509 V3 client certificates on a client, and the certificate can be used to verify the identity of a user requesting a resource. The X.509 Client Certificate authentication schemes implement certificate authentication.
When SSL accelerator (offloader) resides in front of Web Server/Web Agent, is it possible for X.509 Client Certificate Scheme to work?
Web Agent: All
No, it doesn't work. SSL connection is a mandatory requirement because X.509 Client Certificate Authentication can be done with a secure TLS/SSL connection.
If using SSL accelerator offloader, a solution module is available on CA Global Delivery Packaged Work Product Download. Please contact CA Services.
- Advanced Certificate Authentication for CA Single Sign-On (SmX509CertAuth Solution Module)
Advanced Certificate Authentication for CA Single Sign-On