Apex Code Development You need to sign in to do that
Don't have an account?
gaurav.sfdc Salesforce not sending certificate to server (Netscaler)
Our client is using Netscaler, they have put client cert as OPTIONAL and handeling certificate authentication at application layer i.e. PHP code.
It works for them in internal testiing using curl etc but when we ping through Salesforce it fails.
In logs it shows Client certificate not sent. I checked this article, this should be condition for sending certificate
https://help.salesforce.com/apex/HTViewSolution?id=000180836&language=en_US
When I ping same certificates to another normal tomcat server, it works fine.
Can anybody tell what specific setting is required at Netscalar level to make it working
Any help would be appreciated
It works for them in internal testiing using curl etc but when we ping through Salesforce it fails.
In logs it shows Client certificate not sent. I checked this article, this should be condition for sending certificate
https://help.salesforce.com/apex/HTViewSolution?id=000180836&language=en_US
When I ping same certificates to another normal tomcat server, it works fine.
Can anybody tell what specific setting is required at Netscalar level to make it working
Any help would be appreciated
You require some knowledge on SAML and NetScaler in general to be able to configure this and understand what you are doing.
NetScaler 10.5 (or higher) Enterprise Edition (we need AAA feature)
A directory to talk to (LDAP based, AD preferred)
The ability to create certificates (PKI / On the NetScaler / etc.)
Please see the link below for more info
https://netscalerrocks.com/netscaler/netscaler-10-5-saml-identity-provider-idp/
Best Regards
Naga Kiran
They added the self signed certificates and it worked but for Public signed certificates it failed. So far I know we dont need to add public signed certificates as when I tested with tomcat it worked (I do not added public signed certificate in tomcat). public signed certificate comes as a bundle (mycert-->signedby intermediate cert. --> signed by root) , how they should upload it. Are client certificates uploaded the same way as server certificates? Another thing is why we need to add public signed certificate in Netscaler when it is not required with Tomcat