[jboss-jira] [JBoss JIRA] (WFLY-5256) HTTPS undertow listener request client certificate despite verify-client=NOT_REQUESTED
Stuart Douglas (JIRA)
issues at jboss.org
Mon Sep 7 20:12:00 EDT 2015
[ https://issues.jboss.org/browse/WFLY-5256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13106140#comment-13106140 ]
Stuart Douglas commented on WFLY-5256:
--------------------------------------
What is your actual issue here? The title does not match what you have in the description. Is this an issue with certs being requested even though the listener is set to NOT_REQUESTED, or is it an issue with renegotiation not working?
> HTTPS undertow listener request client certificate despite verify-client=NOT_REQUESTED
> --------------------------------------------------------------------------------------
>
> Key: WFLY-5256
> URL: https://issues.jboss.org/browse/WFLY-5256
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 8.2.0.Final
> Reporter: Manuel Colchete
> Assignee: Stuart Douglas
>
> HTTPS undertow listener has 3 options for verify-client parameter: NOT_REQUESTED (Default), REQUESTED, REQUIRED. If it is set to NOT_REQUESTED (the default), it should not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication. But when I tried to access secured resource as first, it don't requested certificate and return HTTP status 403.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list