My Oracle Support Banner

How To Display The SSO User Name Instead Of 'Users' In The Browser Certificate Popup? (Doc ID 360373.1)

Last updated on MARCH 13, 2019

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2 and later
Information in this document applies to any platform.
***Checked for relevance on 13-MAR-2019***


SSO has been configured for Digital Certificate Authentication and certificate authentication is working.

Users obtain a certificate using Certificate Authority (OCA) with their Single Sign-On credentials. When OCA issues the certificate it also stores the certificate in the SSO user entry in OID.

When the 10gAS site enabled for SSO certificate authentication is accessed, the Client Authentication popup windows presented by the browser lists all Personal certificates obtained from OCA as 'Users' although they are for different SSO users.

The browser lists certificates by the name of the first CN value in the certificate Subject. With a standard 10gAS installation all SSO users are under the cn=Users,<DIT> container so an example SSO user DN would be:


This is more of an issue where multiple sites are accessed from the same PC and the user needs to be able to clearly see the user the certificate is for in the browser certificate popup.

How to ensure that the browser Client Authentication popup shows certificates issued using Single Sign-On credentials by OCA with the SSO username instead of simply 'Users'?



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.