SSLREQCERT= System Option

Specifies what checks to perform on server certificates in a TLS session.

Client: Optional
Server: Optional
Valid in: Configuration file, SAS invocation
Category: Communications: Networking and Encryption
PROC OPTIONS GROUP= Communications
Operating environment: UNIX
Example: export SSLREQCERT=ALLOW

Syntax

SSLREQCERT=ALLOW | DEMAND | NEVER | TRY

Syntax Description

ALLOW

specifies that the client requests a server certificate, but the session proceeds normally even if no certificate is provided or an invalid certificate is provided.

DEMAND

specifies that a server certificate is requested, and if no valid certificate is provided, the session terminates. DEMAND is the default setting.

NEVER

specifies that the Authentication Server does not ask for a certificate.

TRY

specifies that the client requests a server certificate, and if no certificate is provided, the session proceeds normally. If an invalid certificate is provided, the session terminates.

Details

If you do not add the SSLREQCERT= option to your configuration file, then the default value is DEMAND. If you specify SSLREQCERT, then the value of SSLREQCERT applies to all of your authentication providers.