By: Abhinay B. user 31 Oct 2018 at 5:28 a.m. CDT

2 Responses
Abhinay B. gravatar
I've seen that Gluu server provides certificate based authentication as mentioned [here](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/cert). As Gluu server is an identity provider, how does it provide these certificates in the first place to authenticate? Does it run a chain of CA servers that generate a X.509 certficate for enrolling a client? If yes, is there any example?

By Michael Schwartz staff 31 Oct 2018 at 5:31 a.m. CDT

Michael Schwartz gravatar
See [https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/cert](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/cert)

By Aliaksandr Samuseu staff 31 Oct 2018 at 9:28 a.m. CDT

Aliaksandr Samuseu gravatar
>As Gluu server is an identity provider, how does it provide these certificates in the first place to authenticate? It doesn't. You provide a root CA's cert when you configure this auth method, it will trust any certificate from its chain of trust.