Hi Guys,I’m trying to enable client authentication through certificate on Prism Element (CE Edition), in order to establish a 2 ways authentication (Client -> Server and Server -> Client). I followed the documentation related to this configuration. https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_0:mul-security-authentication-client-pc-t.htmlLet me sum up my current configuration:Prism element WebUI has a certificate delivered by a local CA. Under the menu Authentication > Client , I’ve enabled “Client Chain Certificate” and “Enable Client Authentication”. The chain contains ( root CA + client certificate ). The client certificate, is a “Client Certificate” that support authentication, the common name is set and subjAltName also ( CN = UPN = client@domain.local ) When I try to query the api, I get this error message:{"message":"An Authentication object was not found in the SecurityContext"}It seems that Prism doesn’t see the client certificate as an authentication method. I also tested querying API through Postman with certificate.Could you please help me to troubleshoot this situation, I can provide more details if you want to.PS : I’ve also configured Prism to talk with Active Directory, and the connectivity is working. Thank you,Regards

Enabling Client Authentication with Certifiate

Hi Guys,

I’m trying to enable client authentication through certificate on Prism Element (CE Edition), in order to establish a 2 ways authentication (Client -> Server and Server -> Client). I followed the documentation related to this configuration. https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_0:mul-security-authentication-client-pc-t.html

Let me sum up my current configuration:

Under the menu Authentication > Client , I’ve enabled “Client Chain Certificate” and “Enable Client Authentication”. The chain contains ( root CA + client certificate ).
The client certificate, is a “Client Certificate” that support authentication, the common name is set and subjAltName also ( CN = UPN = client@domain.local )

When I try to query the api, I get this error message:

{"message":"An Authentication object was not found in the SecurityContext"}

It seems that Prism doesn’t see the client certificate as an authentication method. I also tested querying API through Postman with certificate.

Could you please help me to troubleshoot this situation, I can provide more details if you want to.

PS : I’ve also configured Prism to talk with Active Directory, and the connectivity is working.

Thank you,
Regards

Be the first to reply!