0

For my REST requests, I am using certificates to connect to a backend Liberty web server. I get prompted with a list of acceptable certificates, and I select one. This works fine. I can do my work.

I logoff from the server because I want to use a different certificate (which gives me different authority) However I automatically get reconnected to the site using the previous certificate, I do not get the list of available certificates presented to me. The only way I have found of doing it is to close down the browser, and restart it. I think the sessionid is being sent up, and reused.

Can I get this to work? It may just be a browser setting, or I may need to change the backend. Ive tried closing the socket, and session.invalidate().

I think this is the opposite of most problems where people do not want to get prompted for the certificate

colin paice
  • 94
  • 1
  • 6
  • In my Firefox preferences, in "Security & Privacy", completely at bottom, I have: "When a server requests your personal certificate" and then two options: 1) Select one automatically 2) Ask you every time. Did you select the second option? – Patrick Mevzek May 15 '20 at 05:27
  • Also, did you see: https://stackoverflow.com/questions/27864553/how-can-i-choose-a-different-client-certificate-in-firefox and https://stackoverflow.com/questions/24040662/how-do-you-present-a-different-pki-client-certificate-to-a-server-once-you-have ? But they are from a few years back... – Patrick Mevzek May 15 '20 at 05:29
  • Patrick - perfect just what I was looking for thank you. It works! I'll look in Chrome for a similar function. – colin paice May 16 '20 at 08:59
  • I found a Chromium discussion [here](https://bugs.chromium.org/p/chromium/issues/detail?id=90454#c18) where they discuss how it would be a good idea to do what Firefox has. It looks like Chromium does not have this capability on unix. I see people explaining how to do it on Windows. – colin paice May 16 '20 at 11:55

0 Answers0