How To Restrict "Client-Side Certificate Required" To DAV

(Doc ID 952063.1)

Last updated on MAY 06, 2015

Applies to:

Oracle Content Services - Version: 10.1.2.3.0
Information in this document applies to any platform.

Goal

How to restrict client-side certificate required to just /content/dav? 

When the Oracle Collaboration Suite (OCS) is configured to require client-side certificates, the configuration is accomplished at the Single Sign-On server (SSO) for most applications.  When connecting to the Content Services DAV server using Microsoft's My Network Places it bypasses SSO.  This is because Microsoft's DAV client cannot be configured to utilize SSO.  To address this potential security issue configure Web Cache to challenge all URLs using /content/dav for a valid client-side certificate.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms