Disabling Certificate Based Mutual Authentication

You can disable certificate based authentication and run all components over HTTPS, however, this action is not recommended for security reasons. The following procedure shows you how to disable certificate based authentication.

To disable certificate based authentication

1. Set clientAuth="false" in the conf\server.xml file for Siebel Gateway and Siebel Configuration Agent to disable certificate based mutual authentication.

   For example, set the HTTPS connector as follows to keep all communication over HTTPS without client certificate authentication:

   <Connector port="xxxx" 
     protocol="org.apache.coyote.http11.Http11NioProtocol"
     maxThreads="150" 
     SSLEnabled="true" 
     scheme="https" 
     secure="true"
     SSLVerifyClient="require" 
     SSLEngine="on" 
     SSLVerifyDepth="2"
     keystoreFile=" xxxx" 
     keystorePass="xxx " 
     keystoreType="JKS"
     truststoreFile="xxx " 
     truststorePass="xxx " 
     truststoreType="JKS"
     clientAuth="false" 
     sslProtocol="TLSv1.2" 
   />
   

2. Restart the application containers for all components: Siebel Application Interface, Siebel Gateway, and Siebel Configuration Agent.

   For information on starting and stopping application containers, see Siebel System Administration Guide.

3. Access the UI using the following address: HTTPS://<hostname>:https_port/.