Disable "Require Client Certificate to Access Web Interface" on Security Analytics via the CLI

Article Id: 169070
Status: Published
Updated On: 25-07-2017 07:54
Legacy Id: TECH245879
Products:
Security Analytics
Issue/Introduction:

You may enable the Require Client Certificate to Access Web Interface via the WebUI though Settings > Security > under Client PKI settings > Checked Require Client Certificate to Access Web Interface.

When you enable this feature, all web browsers that do not have a valid certificate from the Issuing Authority will be prevented from accessing the web interface. You will not be able to disable this feature through the WebUI unless you have a valid certificate.

 

Resolution:

At the CLI, you can disable Require Client Certificate to Access Web Interface by editing the file /etc/sysconfig/httpd and then restarting the service.

  1. Edit httpd and set the export_SSL_ lines to "" (Two double quotes) and save the file.  After editing the file, the /etc/sysconfig/httpd with export SSL_ should look like:
export SSL_OPTIONS=""
export SSL_VERIFY_DEPTH=""
export SSL_VERIFY_REQUIRE=""
export SSLCA=""
export SSL_CRL_PATH=""
  1. Restart the HTTP service. 
service httpd restart