How To Display The SSO User Name Instead Of 'Users' In The Browser Certificate Popup? (Doc ID 360373.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle9iAS Single Sign-On - Version: 10.1.2
Information in this document applies to any platform.

Goal

SSO has been configured for Digital Certificate Authentication and certificate authentication is working.

Users obtain a certificate using Certificate Authority (OCA) with their Single Sign-On credentials. When OCA issues the certificate it also stores the certificate in the SSO user entry in OID.

When the 10gAS site enabled for SSO certificate authentication is accessed, the Client Authentication popup windows presented by the browser lists all Personal certificates obtained from OCA as 'Users' although they are for different SSO users.

The browser lists certificates by the name of the first CN value in the certificate Subject. With a standard 10gAS installation all SSO users are under the cn=Users,<DIT> container so an example SSO user DN would be:

       cn=test,cn=Users,dc=oracle,dc=com

This is more of an issue where multiple sites are accessed from the same PC and the user needs to be able to clearly see the user the certificate is for in the browser certificate popup.

How to ensure that the browser Client Authentication popup shows certificates issued using Single Sign-On credentials by OCA with the SSO username instead of simply 'Users'?


Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms