Re: Disable X.509 Certificate Selection when opening a SSO enabled Solman Website

Hello Patrick.

of course :-)

C:\OpenSSL-Win32\bin>openssl s_client -connect pfa.sap.jenoptik.corp:9443 -prexit

CONNECTED(000001E4)

---

Certificate chain

0 s:/CN=cipfa08.sap.jenoptik.corp

   i:/CN=Jenoptik SAP CA - SSL

1 s:/CN=Jenoptik SAP CA - SSL

   i:/DC=corp/DC=jenoptik/CN=Jenoptik SAP CA

2 s:/DC=corp/DC=jenoptik/CN=Jenoptik SAP CA

   i:/CN=Jenoptik Certificate Authority

---

Server certificate

-----BEGIN CERTIFICATE-----

MIIDCzCCAfOgAwIBAgIEXCIIzTANBgkqhkiG9w0BAQUFADAgMR4wHAYDVQQDExVK

ZW5vcHRpayBTQVAgQ0EgLSBTU0wwHhcNMTMwOTIwMDc1NDIzWhcNMjEwOTE5MTAw

MDAwWjAkMSIwIAYDVQQDExljaXBmYTA4LnNhcC5qZW5vcHRpay5jb3JwMIIBIjAN

BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWiwaGRJ1Bozyz0W1QkaIg5ZdBdF

fEsTQ6VzTJgRr9+3UEZaJ0wEvmBClwp60T4DvjkxnQPsuWRvMhU2dWy2Gn6ZufC+

Mu3l6c0M2y/0gqkahLc7zub/q1WkUdUZcnZC16jnTj7o86zoaAlzaNCxd3WBtjMu

WE2gcaAg6EzGvwDqyVYyUhZfCptdM+NclZJYEdoUV1+rVx34I7qowMksUOlprEeK

HQP0HNofbklMxG3EVFQWnkhD+Du4m/PbJ8jTgCvEwnY3gGRh3dW1MZauP/McJbCc

74wsnBXnjugIDURsBQwR0pWqgVZe5fLKMuaMLx4W1fWK5eZgQVQoppHAkwIDAQAB

o0kwRzAOBgNVHQ8BAf8EBAMCA7gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwIAYDVR0R

BBkwF4IVcGZhLnNhcC5qZW5vcHRpay5jb3JwMA0GCSqGSIb3DQEBBQUAA4IBAQAK

SX1uqnQtkUxg8OOzHjSU/4tWHm1bae077h6aC7NVNIr3WcuWbbbH4tTKdnbL/xDQ

/eD8tRtgVUqovcUh96sPmQbEXVZG+tw1nW/3vlz19slvOSY+omh3YCYHatbAz7wA

GyQeTSU7PsRJlbjd4iRsuu5XgaJ3JB+hIBEhMv//JJjkI2nY5gbo9MjzdeFbOw60

kMvnIMJY7lHT1Zcs5V4aMpFNTx2uMiULgfPxRnxQKhT7QmFhRQvyKpd1vBJwztPB

+4FTtd2TDHqPtcHGunfKK38NSSUZLq6WN0b0ZcsybryqeDOMrOVuJDkCV9w/JIsD

+LZlGBMloJswjVBt8INV

-----END CERTIFICATE-----

subject=/CN=cipfa08.sap.jenoptik.corp

issuer=/CN=Jenoptik SAP CA - SSL

---

Acceptable client certificate CA names

/CN=Jenoptik SAP CA - SSL

/CN=Jenoptik Certificate Authority

---

SSL handshake has read 2953 bytes and written 659 bytes

---

New, TLSv1/SSLv3, Cipher is AES128-SHA

Server public key is 2048 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

SSL-Session:

    Protocol  : TLSv1

    Cipher    : AES128-SHA

    Session-ID: AA0B931EE6092A1CA335276533521A04FA7070C0EE13131070B3C985AAD175A5

    Session-ID-ctx:

    Master-Key: 8D3D90CE628C5DB26FDB5E8F705779A2288CE9B2665536C25F1BE348C8408BCC51C6117CF207391CD4222181F089C581

    Key-Arg   : None

    PSK identity: None

    PSK identity hint: None

    SRP username: None

    Start Time: 1422972606

    Timeout   : 300 (sec)

    Verify return code: 20 (unable to get local issuer certificate)

---

closed

---

Certificate chain

0 s:/CN=cipfa08.sap.jenoptik.corp

   i:/CN=Jenoptik SAP CA - SSL

1 s:/CN=Jenoptik SAP CA - SSL

   i:/DC=corp/DC=jenoptik/CN=Jenoptik SAP CA

2 s:/DC=corp/DC=jenoptik/CN=Jenoptik SAP CA

   i:/CN=Jenoptik Certificate Authority

---

Server certificate

-----BEGIN CERTIFICATE-----

MIIDCzCCAfOgAwIBAgIEXCIIzTANBgkqhkiG9w0BAQUFADAgMR4wHAYDVQQDExVK

ZW5vcHRpayBTQVAgQ0EgLSBTU0wwHhcNMTMwOTIwMDc1NDIzWhcNMjEwOTE5MTAw

MDAwWjAkMSIwIAYDVQQDExljaXBmYTA4LnNhcC5qZW5vcHRpay5jb3JwMIIBIjAN

BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWiwaGRJ1Bozyz0W1QkaIg5ZdBdF

fEsTQ6VzTJgRr9+3UEZaJ0wEvmBClwp60T4DvjkxnQPsuWRvMhU2dWy2Gn6ZufC+

Mu3l6c0M2y/0gqkahLc7zub/q1WkUdUZcnZC16jnTj7o86zoaAlzaNCxd3WBtjMu

WE2gcaAg6EzGvwDqyVYyUhZfCptdM+NclZJYEdoUV1+rVx34I7qowMksUOlprEeK

HQP0HNofbklMxG3EVFQWnkhD+Du4m/PbJ8jTgCvEwnY3gGRh3dW1MZauP/McJbCc

74wsnBXnjugIDURsBQwR0pWqgVZe5fLKMuaMLx4W1fWK5eZgQVQoppHAkwIDAQAB

o0kwRzAOBgNVHQ8BAf8EBAMCA7gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwIAYDVR0R

BBkwF4IVcGZhLnNhcC5qZW5vcHRpay5jb3JwMA0GCSqGSIb3DQEBBQUAA4IBAQAK

SX1uqnQtkUxg8OOzHjSU/4tWHm1bae077h6aC7NVNIr3WcuWbbbH4tTKdnbL/xDQ

/eD8tRtgVUqovcUh96sPmQbEXVZG+tw1nW/3vlz19slvOSY+omh3YCYHatbAz7wA

GyQeTSU7PsRJlbjd4iRsuu5XgaJ3JB+hIBEhMv//JJjkI2nY5gbo9MjzdeFbOw60

kMvnIMJY7lHT1Zcs5V4aMpFNTx2uMiULgfPxRnxQKhT7QmFhRQvyKpd1vBJwztPB

+4FTtd2TDHqPtcHGunfKK38NSSUZLq6WN0b0ZcsybryqeDOMrOVuJDkCV9w/JIsD

+LZlGBMloJswjVBt8INV

-----END CERTIFICATE-----

subject=/CN=cipfa08.sap.jenoptik.corp

issuer=/CN=Jenoptik SAP CA - SSL

---

Acceptable client certificate CA names

/CN=Jenoptik SAP CA - SSL

/CN=Jenoptik Certificate Authority

---

SSL handshake has read 2990 bytes and written 696 bytes

---

New, TLSv1/SSLv3, Cipher is AES128-SHA

Server public key is 2048 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

SSL-Session:

    Protocol  : TLSv1

    Cipher    : AES128-SHA

    Session-ID: AA0B931EE6092A1CA335276533521A04FA7070C0EE13131070B3C985AAD175A5

    Session-ID-ctx:

    Master-Key: 8D3D90CE628C5DB26FDB5E8F705779A2288CE9B2665536C25F1BE348C8408BCC51C6117CF207391CD4222181F089C581

    Key-Arg   : None

    PSK identity: None

    PSK identity hint: None

    SRP username: None

    Start Time: 1422972606

    Timeout   : 300 (sec)

    Verify return code: 20 (unable to get local issuer certificate)

---

BR,

Sebastian