The certificate authentication plug-in provides the means to use client certificates for authentication purposes.
The following steps are required to activate and configure the certificate authentication provider:
In order to activate the certificate authentication plug-in the httpauth and certauth extension library must be loaded according to extension library configuration.
<EXTLIBS>
<LIB>httpauth</LIB>
<LIB>certauth</LIB>
</EXTLIBS>
The certificate authentication plug-in is activated by specifying CERT as the provider name within the AUTHENTICATE configuration of the http authentication handler.
The certificate authentication specific configuration is introduced by the CERT tag and must be a child of the AUTHENTICATE tag.
<HANDLER TYPE="AUTH" NAME="HTTPAUTH">
<AUTHENTICATE TYPE="BASIC" REALM="MYREALM" PROVIDER="CERT" >
<CERT FILE="f:\icstest\icstest\certs\yasiserver" >
</CERT>
</AUTHENTICATE>
</HANDLER>
The CERT tag comprises a FILE attribute that specifies the server certificate file to use for validating the client certificates.