Bug 1259029
Summary: | Web GUI authentication is being invoked many times on Safari | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Ryan Howe <rhowe> |
Component: | apiserver-auth | Assignee: | Jordan Liggitt <jliggitt> |
Status: | CLOSED DUPLICATE | QA Contact: | Xiaoli Tian <xtian> |
Severity: | low | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.0.0 | CC: | aos-bugs, jliggitt, jokerman, mmccomas, rhowe |
Target Milestone: | --- | Keywords: | Reopened |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-09-19 19:30:31 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ryan Howe
2015-09-01 19:38:12 UTC
Once you add the CA to the system trusted roots (see https://support.apple.com/kb/PH18677?locale=en_US), Safari should stop prompting. Unfortunately, I don't think the default dialog Safari shows walks you through this. Can you confirm that adding the CA to the system CA's corrects the issue? Requesting this bug to be open again. As adding to Keychain in System it still has the same issue entering credentials over and over again. This may be a docs thing where we need to document how to resolve this issue with Safari. Documentation on how to use your our cert for the webconsole. Currently Safari always prompt saying that the "website requires a client certificate" There are two issues at play, both of which are Safari bugs: 1. Safari does not prompt you to accept the server's signing cert in a permanent way, so websocket requests can fail silently, and later visits to the site sometimes prompt to re-accept an insecure connection. Adding the server's CA to the keychain should resolve that issue. 2. Safari incorrectly prompts to select a client certificate, even when it has no applicable client certificates for the server. The only workaround I'm aware of for this is to remove all client certificates from Safari (including the automatically added one for iCloud/Apple ID) Version of OS and Browser: OS X 10.10.5 Safari 8.0.8 *** This bug has been marked as a duplicate of bug 1493276 *** |