Symptoms
Manually adding
TLS Certificate & Key on webUI instead of storing through Self-Signed Certificate or removing Certificate & Key removes TLS configuration, which includes verify-client and verify-client-depth.
Impact
Verify Client and Client Depth configuration of Certificate Authentication will be changed to default values which disables verification of httpd client certificates.
Conditions
- When there is an existing Verify Client and Client Depth configuration, and user tries to remove TLS Certificate & Key on Certificate Management screen on webUI.
- When user fills the TLS Certificate & Key on Certificate Management screen on webUI.
Workaround
- Remove or Add TLS Certificate & Key through CLI.
- While creating Self-Signed Certificate, set "Store TLS" field as true
- Re-add Verify Client and Client Depth after removing or manually adding TLS Certificate & Key.
