CA API Gateway (Layer 7)SA94 to API SECURITYSTARTER PACK-7CA Rapid App SecurityMOBILE API GATEWAYCA Mobile - API GatewayCA API Gateway
Issue/Introduction
The following message is output when curl send HTTPS request to API Gateway. NSS: client certificate not found (nickname not specified) message appears. It seems it is error. What is root cause?
Message example: * skipping SSL peer certificate verification * NSS: client certificate not found (nickname not specified) * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Environment
CA API Gateway 8.x CA API Gateway 9.0 CA API Gateway 9.1 CA API Gateway 9.2 CA API Gateway 9.3
Resolution
API Gateway has function for specify whether the client must present a certificate to authenticate. It is Client Authentication of Listen Port Properties. If "Client Authentication" is not None, the client certificate is checked against the request. So this message will be output to the curl result. If "Client Authentication" is set to None, client certificate verification will not be done.
Please do the step. 01. Select Menu -> Tasks -> Transports -> Manage Listen Ports. 02. Select the [SSL/TLS Settings] Tab in Listen Ports Properties pop. 03. Set Client Authentication = None.