1 Reply Latest reply on Aug 31, 2016 4:57 AM by lenaic.ridinger

    Mutual SSL Authentication and Tabcmd with v9.1 Server

    Sam Underland

      Is it possible to use Tabcmd when the server is configured to use mutual SSL authentication and automatic login with client certificates?

       

      Server is V9.1 and we've selected the checkbox to use mutual SSL and automatic login. Users log in with their client certificates and all's well. But how can we then get Tabcmd to work? Obviously I have to authenticate with a certificate of an administrative user, but there does not seem to be any way of specifying a certificate to use in Tabcmd.

       

      The closest I've gotten is after setting a password for a user and using the command:

      tabcmd login -s https://localhost -c --username 'USERNAME'

       

      I get the response:

      ===== Creating new session

      =====      Server: https://localhost

      =====      Username: 'USERNAME'

      Password:

       

      after entering the password:

      ===== connecting to the server...

        *** Uncaught exception  RuntimeException: javax.net.ssl.SSLHandshake

      exception: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

         *** See the logs for the stacktrace.

       

      If I add the --no-certcheck to the command, after entering the password, I get:

      ===== connecting to the server...

      ===== Signing in...

        *** Not authorized

      The user must present a certificate to login (errCode-59)

       

      Is there an undocumented command line option to provide a certificate? If not, why is there an option us use a certificate (-c)?

       

      Any help or workaround ideas are appreciated.