Question

Enabling Client Authentication with Certifiate

  • 3 December 2021
  • 0 replies
  • 118 views

Hi Guys,

I’m trying to enable client authentication through certificate on Prism Element (CE Edition), in order to establish a 2 ways authentication (Client -> Server and Server -> Client). I followed the documentation related to this configuration. https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_0:mul-security-authentication-client-pc-t.html

Let me sum up my current configuration:

  • Prism element WebUI has a certificate delivered by a local CA.
  •  

 

  • Under the menu Authentication > Client , I’ve enabled “Client Chain Certificate” and “Enable Client Authentication”. The chain contains ( root CA + client certificate ).
    The client certificate, is a “Client Certificate” that support authentication, the common name is set and subjAltName also ( CN = UPN = client@domain.local )

 

When I try to query the api, I get this error message:

{"message":"An Authentication object was not found in the SecurityContext"}

It seems that Prism doesn’t see the client certificate as an authentication method. I also tested querying API through Postman with certificate.

Could you please help me to troubleshoot this situation, I can provide more details if you want to.

PS : I’ve also configured Prism to talk with Active Directory, and the connectivity is working.

 

Thank you,
Regards


0 replies

Be the first to reply!

Reply