Policy Server Guides › Policy Design Guide › Authentication Schemes › X.509 Client Certificate or HTML Forms Authentication Schemes › X.509 Client Certificate or HTML Forms Scheme Prerequisites

X.509 Client Certificate or HTML Forms Scheme Prerequisites

In order to use the X.509 Client Certificate or HTML Forms authentication scheme, the following prerequisites must be met:

• An X.509 Server Certificate must be installed on the SSL Web server.
• The network must support an SSL connection to the client browser (HTTPS protocol).
• X.509 client certificates must be installed on client browsers.
• Trust must be established between client certificates and server certificates.
• Certificates must be issued by a valid and trusted Certification Authority (CA).
• The issuing CA’s public key must validate the issuer’s digital signature.
• Client and server certificates must not have expired.
• The user’s public key must validate the user’s digital signature.
• User attributes requested by the HTML form must exist in a user directory.
• A connection to the user directory must be configured using the SiteMinder User Directory dialog.
• (For Oracle iPlanet Web Servers [formerly Sun Java Systems]) Increase the value of the StackSize parameter in the magnus.conf file to a value greater than 131072. Failing to change the value causes the web server to dump its core and restart each time SiteMinder makes an authentication request using forms.

More information:

User Directories