However notice the following:Ĭertificates Length: 0 – This indicates no certificate was actually sent by the client to the NetScaler. The certificate is sent from the client over TLS 1.2. The NetScaler then requests the client to identify itself by form of certificate. The message back from NetScaler, Server Hello agrees on a TLS protocol and cipher suite that is supported both by the client and server. The Client Hello message contains the TLS protocol and cipher suites the browser can support. The client sends a Client Hello to NetScaler. When a client connects to NetScaler Gateway, an SSL handshake is performed. Using IE8, IE11 and Edge with TLS 1.2 and SHA1 signed certificate – Client Auth set to Optional.Scnearios tested where Client Certificate authentication fails: Using IE8, IE11 and Edge with TLS 1.0 or 1.1 and SHA1 signed certificate – Client Auth set to Optional or Mandatory.Using Chrome with TLS 1.2 and SHA1 signed certificate – Client Auth set to Optional or Mandatory.Using IE8, IE11 and Edge with TLS 1.2 and SHA1 signed certificate – Client Auth set to Mandatory.Using IE8, IE11 and Edge with TLS 1.2 and SHA256 signed certificate – Client Auth set to Optional or Mandatory.Scenarios tested where Client Certificate authentication succeeds: When NetScaler performs Client Certificate authentication, the SSL Handshake between the client and server fails if the protocol used is TLS 1.2. This issue only occurs when using Internet Explorer with NetScaler.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |