Skip to main content
Version: v7

KB: 1048

How to add client certificates?

Problem Statement

The user wants to add a client certificate.

Solution

Steps to Solve:-

The Certificate Revocation List (CRL) is key to making this security approach work with many users. Without the CRL, should a certificate become compromised you would need to re-issue the Certificate Authority (CA) and any client certificates. With a CRL, however, you can revoke a certificate - allowing sane user management for your back-end application.

With the above part, only a valid client certificate will gain you access to the site(s) behind "listen VIP".

Creating certificates

  1. Login into Haltdos console.

kb-1048

  1. Go to Resources > Client Certificate.

kb-1048

  1. Click on add certificate button.

kb-1048

  1. Configure the certificate, set the scope of certificate and click on save changes.

  2. Go to Apps > WAF > listener > SSL settings.

  3. Enable the client certificate under option "Client Certificate Verification" and from next option named as "Client Certificate" where we can select that which certificate should be used with which listener.

kb-1048

In this way, we can configure the client certificate for allowing the clients to access the web application only if they have required certificate.