Skip to main content

Enable client certificate authentication

Enable client certificate authentication on a FairCom server

This section details how to enable client certificate authentication. For more information on the keywords used here, visit the security page in our Database Administrator's Guide.

  1. Create a server certificate signed by a CA certificate named something like my_combined_cert.pem

  2. Add the following information to my_combined_cert.pem in this order:

    a. Server certificate

    b. CA certificate

  3. The unencrypted server private key is in server_private_key.pem.

  4. Shut down the FairCom server.

  5. Edit FairCom's server configuration file, <faircom>/config/ctsrvr.cfg.

  6. In the SUBSYSTEM COMM_PROTOCOL SSL, uncomment or add the lines:

    SERVER_CERTIFICATE_FILE my_combined_cert.pem

    x509_AUTHENTICATION YES

    x509_PATH CN

    DEBUG_LOG ssl.log

  7. Start the FairCom server.

Enable client certificate authentication on a FairCom server

enable client certificate authenticationserver authenticationclient authenticationenable authenticationTLS authenticationcertificate authentication