Configuration Command Set
Related Commands
clientauth error
Syntax Description
Cisco 11000 Series Secure Content Accelerator Configuration Guide
C-168
certgroup enable (Server Configuration Command Set)
clientauth error (Server Configuration Command Set)
clientauth verifydepth (Server Configuration Command Set)
Specifies the client certificate authentication errors to ignore.
clientauth error <cert-not-provided|cert-not-yet-valid|cert-has-expired|
cert-revoked|cert-has-invalid-ca|cert-has-signature-failure|cert-othe
r-error|all> <fail|failhtml|ignore|redirect <url>>
no clientauth error <cert-not-provided|
cert-not-yet-valid|cert-has-expired|cert-revoked|
cert-has-invalid-ca|cert-has-signature-failure|cert-other-error|all >
cert-not-provided
cert-not-yet-valid
cert-has-expired
cert-revoked
cert-has-invalid-ca
cert-has-signature-
failure
cert-other-error
all
fail
failhtml
ignore
Certificate was not provided for authentication.
The certificate is not valid yet.
The certificate has expired.
The certificate has been revoked.
The certificate has an invalid CA.
The signature on the certificate failed.
Any other certificate authentication error.
All certificate authentication errors, including those
listed above.
The client is disconnected abruptly.
The SSL handshake is continued and the client is sent
a static HTML error page listing the reason for the
error. Then the SSL session is disconnected.
The server silently ignores the authentication error and
continues the SSL connection.
Appendix C
Command Summary
78-13124-06