Last updated on MARCH 08, 2017
Applies to:Oracle9iAS Single Sign-On - Version: 10.1.2
Information in this document applies to any platform.
SSO has been configured for Digital Certificate Authentication and certificate authentication is working.
Users obtain a certificate using Certificate Authority (OCA) with their Single Sign-On credentials. When OCA issues the certificate it also stores the certificate in the SSO user entry in OID.
When the 10gAS site enabled for SSO certificate authentication is accessed, the Client Authentication popup windows presented by the browser lists all Personal certificates obtained from OCA as 'Users' although they are for different SSO users.
The browser lists certificates by the name of the first CN value in the certificate Subject. With a standard 10gAS installation all SSO users are under the cn=Users,<DIT> container so an example SSO user DN would be:
This is more of an issue where multiple sites are accessed from the same PC and the user needs to be able to clearly see the user the certificate is for in the browser certificate popup.
How to ensure that the browser Client Authentication popup shows certificates issued using Single Sign-On credentials by OCA with the SSO username instead of simply 'Users'?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms