HP Traffic Director sa7220 User Manual

C H A P T E R 5

HP Traffic Director Server Appliances User Guide

188

config policygroup
service key client-ca
header-certificate

NOTE: With header-
certificate enabled, and
using Internet Explorer*
with a non-trusted CA (for
example, a broker-
generated or Microsoft IIS)
server-generated server
certificate, the client
certificate may not pass
through on the first request.
Pass-through behaves
correctly if the server
certificate is obtained from
a recognized CA such as
Verisign*.

Adds the PEM-encoded client certificate to the HTTP header of
requests sent to the servers. The SSL session ID will also be sent.
The config policygroup service header-names command may be
used to configure the header names field for the client certificate
and SSL session ID.

config policygroup service

key client-ca header-

certificate [disable | enable]

where:
•

policy-name

is the name of a policy group

•

service-name

is the name of a service

•

disable

(the default) disables the client certificate in the

HTTP header

•

enable

enables the client certificate in the HTTP header

config policygroup
service key client-ca
revocation delete

Deletes a CRL.

config policygroup service

key client-ca revocation

[delete]

where:
•

policy-name

is the name of a policy group

•

service-name

is the name of a service

Command

Description