Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
397
Views
0
Helpful
1
Replies

CSS11501 and client certificate processing

robert
Level 1
Level 1

‎03-04-2005 01:42 PM

I use CSS 11501 to accelerate ssl sessions and autheticate users.

CSS gets the certificate from the client browser. The certificate DN contains for example:

"CN=info1, SERIALNUMBER=REGON: 321123321, OU=info2, O=info3, C=PL".

The CSS sends the certificate to beckend servers as:

"C=PL, O=info3, OU=info2 ADR, SN=REGON: 321123321, CN=info1".

There are two incorrect things:

1. The order of attributes in DN is reversed. This is not compliant with RCF 1779.

2. SERIALNUMBER is replaced to SN string.

How to resolve this problem ?

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎03-06-2005 02:58 AM

what's your version ?

Are you re-encrypting traffic in the backend ?

Or ar you using the header insert feature ?

What is your config ?

I do not think we touch the certificate.

We simply forward it as we receive it.

But I can verify.

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card