New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x509 certificate authentication option 'wantClientAuth' #667

Closed
henriksaari opened this Issue Aug 3, 2018 · 0 comments

Comments

Projects
None yet
3 participants
@henriksaari

henriksaari commented Aug 3, 2018

x509 certificate authentication option 'wantClientAuth'

Request Type

Feature Request

Work Environment

Question Answer
OS version (server) CentOS 7
OS version (client) Windows 7
TheHive version 3.1.0-RC1
Package Type RPM
Browser type & version If applicable

Problem Description

Unable to connect to Hive instance if certificate authentication is enabled but a client certificate isn't provided.
auth.method.pki = true sets the 'needClientAuth' option which means the server will fail and terminate the session if a client certificate isn't provided.
At the current state, it is not possible to use other authentication options with certificate authentication enabled.

Steps to Reproduce

  1. Enable auth.method.pki
  2. Open the site in browser without a client certificate installed

Possible Solutions

Implement configuration options to enable 'wantClientAuth'. This means, the server will request a client certificate, but won't fail if one isn't provided.

Complementary information

Thank you for making this work in the first place :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment