Fails to log in to IdM WebUI with certificate/smartcard: Authentication not configured?

Solution Verified - Updated -

Issue

Fails to log in to IdM WebUI with certificate/smartcard

  • Certificate has been added to an user1
  • Attempting to login to WebUI using smart card2. After clicking Log In Using Certificate, Authentication with personal certificate failed error message is displayed on browser.

  • Corresponding log message for the HTTP request is found in /var/log/httpd/access_log:

    <...> "GET /ipa/session/login_x509 HTTP/1.1" 403 258

  • Error messages with the same timestamp have also been recorded in /var/log/httpd/error_log

    [lookup_identity:error] [pid <...>] [client w.x.y.z:52166] lookup_user_by_certificate failed [dbus_connection_send_with_reply_and_block(org.freedesktop.sssd.infopipe.Users.FindByNameAndCertificate)]: [Permission denied], referer: https://idm.example.com/ipa/ui/
[lookup_identity:error] [pid <...>] [client w.x.y.z:52166] lookup_user_by_certificate cleared r->user, referer: https://idm.example.com/ipa/ui/
[core:error] [pid <...>] [client w.x.y.z:52166] AH00027: No authentication done but request not allowed without authentication for /ipa/session/login_x509. Authentication not configured?, referer: https://idm.example.com/ipa/ui/

  1. 51.3. Adding a certificate to a user entry in IdM ↩︎

  2. 51.6. Logging in to IdM with smart cards ↩︎

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Identity Management (IdM) / FreeIPA
    • ipa-server
    • httpd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content